Vulnerability in Vmware Esx
CVE-2013-5973
VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -…
EPSS: 0.000 (10.3th percentile) — read the EPSS interpretation.
Affected products
- Vmware Esx — versions 4.0, 4.1
- Vmware Esxi — versions 4.0, 4.1, 5.0
- N/a — versions n/a
Weakness classification (CWE)
References
- vmware-esx-esxi-cve20135973-sec-bypass(89938) (vdb-entry, x_refsource_XF)
- 20131223 NEW VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX (mailing-list, x_refsource_BUGTRAQ)
- 101387 (x_refsource_OSVDB, vdb-entry)
- JVN#13154935 (x_refsource_JVN, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- JVNDB-2013-000123 (x_refsource_JVNDB, third-party-advisory)
- 64491 (vdb-entry, x_refsource_BID)
- 1029529 (vdb-entry, x_refsource_SECTRACK)