Vulnerability in Oracle VM VirtualBox Affecting Oracle Virtualization
CVE-2017-10129

8.8HIGH

Key Information:

Vendor
Oracle
Status
Oracle Vm Virtualbox
Vendor
CVE Published:
8 August 2017

Summary

A vulnerability exists in Oracle VM VirtualBox that allows low privileged attackers with access to the infrastructure to exploit the system. This improper authentication weakness can lead to potential takeover of Oracle VM VirtualBox, impacting not only the virtual environment but also potentially affecting various connected products. Successful exploitation of this vulnerability can seriously compromise the integrity, confidentiality, and availability of the affected systems.

Affected Version(s)

Oracle VM VirtualBox < 5.1.24

References

http://www.securityfocus.com/bid/99638
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038929
vdb-entryx_refsource_SECTRACK
https://www.exploit-db.com/exploits/42426/
exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.