File Access Vulnerability in VMware ESXi and ESX Products
CVE-2013-5973

Currently unrated

Key Information:

Vendor
Vmware
Status
Vendor
CVE Published:
23 December 2013

Summary

A vulnerability exists in VMware ESXi and ESX products that allows local users with certain roles, such as Virtual Machine Power User or Resource Pool Administrator, to read or modify files that should be protected. This can be accomplished through the Add Existing Disk action in vCenter Server using specific filename patterns, leading to potential unauthorized access of sensitive data.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.