CVE-2015-0012

Currently unrated

Key Information:

Vendor: Microsoft
Status: Virtual Machine Manager
Vendor: CVE Published:; 11 February 2015

Summary

Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machine Manager Elevation of Privilege Vulnerability."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/100428

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1031726

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

0% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 11, 2015
Vulnerability Reserved
Nov 18, 2014

Collectors

NVD DatabaseMitre Database