Home

CVE-2021-22015

Description

The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.789

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in VMware vCenter 6.5Windows
Multiple Vulnerabilities are affected in VMware vCenter 6.7Windows
Multiple Vulnerabilities are affected in VMware vCenter 7.0Windows
Multiple Vulnerabilities are affected in VMware vCenter Server 6.5Windows
Multiple Vulnerabilities are affected in VMware vCenter Server 6.7Windows
Multiple Vulnerabilities are affected in VMware vCenter Server 7.0Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234