CVE-2013-5973

EUVD-2013-5803
VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
vmwareesx
4.0
vmwareesx
4.1
vmwareesxi
4.0
vmwareesxi
4.0:1
vmwareesxi
4.0:2
vmwareesxi
4.0:3
vmwareesxi
4.0:4
vmwareesxi
4.1
vmwareesxi
4.1:1
vmwareesxi
4.1:2
vmwareesxi
5.0
vmwareesxi
5.0:1
vmwareesxi
5.0:2
vmwareesxi
5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN13154935/index.html
http://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000123.html
http://osvdb.org/101387
http://www.securityfocus.com/archive/1/530482/100/0/threaded
http://www.securityfocus.com/bid/64491
http://www.securitytracker.com/id/1029529
http://www.vmware.com/security/advisories/VMSA-2013-0016.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/89938
http://jvn.jp/en/jp/JVN13154935/index.html
http://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000123.html
http://osvdb.org/101387
http://www.securityfocus.com/archive/1/530482/100/0/threaded
http://www.securityfocus.com/bid/64491
http://www.securitytracker.com/id/1029529
http://www.vmware.com/security/advisories/VMSA-2013-0016.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/89938