Skip to main content

Vagrant Vmware Fusion

4 CVEs product

Monthly

CVE-2017-15884 HIGH POC This Week

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Hashicorp VMware Privilege Escalation Vagrant Vmware Fusion
NVD Exploit-DB
CVSS 3.0
7.0
EPSS
0.1%
CVE-2017-12579 HIGH POC This Week

An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Hashicorp VMware Information Disclosure Vagrant Vmware Fusion
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.1%
CVE-2017-11741 HIGH POC This Week

HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Hashicorp VMware Privilege Escalation Vagrant Vmware Fusion
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-7642 HIGH POC This Week

The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Hashicorp VMware Information Disclosure Vagrant Vmware Fusion
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
0.4%
EPSS 0% CVSS 7.0
HIGH POC This Week

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Race Condition Hashicorp VMware +2
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH POC This Week

An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Hashicorp VMware Information Disclosure +1
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH POC This Week

HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Hashicorp VMware +2
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Hashicorp VMware Information Disclosure +1
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy