Vulnerability in Hashicorp Vagrant
CVE-2024-10228
The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system writes. This vulnerability, CVE-2024-10228…
EPSS: 0.000 (13.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 3.8 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N.
Affected products
- Hashicorp Vagrant — versions 0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2024-10228?
- CVE-2024-10228 is a low-severity vulnerability in Hashicorp Vagrant, classified under Incorrect Permission Assignment for Critical Resource. CVSS score: 3.8/10. Published 2024-10-29.
- How severe is CVE-2024-10228?
- Low severity. CVSS v3 base score is 3.8 out of 10.