Vulnerability in Oracle VM VirtualBox Core Component
CVE-2017-3575
7.9HIGH
Summary
A vulnerability in the Oracle VM VirtualBox component can be exploited by an attacker with high privileges who has access to the infrastructure hosting Oracle VM VirtualBox. This exploitation allows for unauthorized actions, including the creation, deletion, or modification of critical data accessible to Oracle VM VirtualBox. Furthermore, successful attacks can lead to denial of service conditions, causing the system to hang or crash repeatedly, which could impact not only Oracle VM VirtualBox but additional products relying on it.
Affected Version(s)
Oracle VM VirtualBox < 5.0.38
Oracle VM VirtualBox < 5.1.20
References
CVSS V3.1
Score:
7.9
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved