CVE-2017-4919

CVE-2017-4919

EPSS 2.0%

VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.

Affected products

VMware · VMware vCenter Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://www.securityfocus.com/bid/100102 http://www.securitytracker.com/id/1039004 http://www.vmware.com/security/advisories/VMSA-2017-0012.html