Vulnerability in Oracle VM VirtualBox Affects Oracle Virtualization Software
CVE-2017-10210

7.3HIGH

Key Information:

Vendor
Oracle
Status
Oracle Vm Virtualbox
Vendor
CVE Published:
8 August 2017

Summary

The vulnerability in Oracle VM VirtualBox allows attackers with high privileges to compromise the system. It can lead to unauthorized actions such as causing system hangs, repeated crashes (Denial of Service), and unauthorized access to sensitive data. Attackers can exploit this issue if they gain logon access to the infrastructure running Oracle VM VirtualBox, which may also affect other connected products. Users are urged to update to the latest version to mitigate these risks.

Affected Version(s)

Oracle VM VirtualBox < 5.1.24

References

http://www.securityfocus.com/bid/99640
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038929
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.