File Access Vulnerability in VMware ESXi and ESX Products
CVE-2013-5973
Currently unrated
Summary
A vulnerability exists in VMware ESXi and ESX products that allows local users with certain roles, such as Virtual Machine Power User or Resource Pool Administrator, to read or modify files that should be protected. This can be accomplished through the Add Existing Disk action in vCenter Server using specific filename patterns, leading to potential unauthorized access of sensitive data.
References
Timeline
Vulnerability published
Vulnerability Reserved