CVE-2013-5973

Published Dec 23, 2013

Last updated 6 years ago

Overview

Description
VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename.
Source
cve@mitre.org
NVD status
Modified

Risk scores

CVSS 2.0

Type
Primary
Base score
4.4
Impact score
6.4
Exploitability score
3.4
Vector string
AV:L/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov
CWE-264

Social media

Hype score
Not currently trending

Configurations