CVE-2017-16839

7HIGH

Key Information:

Vendor
Hashicorp
Status
Vagrant Vmware Fusion
Vendor
CVE Published:
29 March 2018

Summary

Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed.

References

https://m4.rkw.io/blog/cve201716839-hashicorp-vagrantvmwa...
x_refsource_MISC

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.