CVE-2017-4943

VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a local privilege escalation vulnerability via the 'showlog' plugin. Successful exploitation of this issue could result in a low privileged user gaining root level privileges over the appliance base OS.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
vmwarevcenter_server
6.5:a
vmwarevcenter_server
6.5:b
vmwarevcenter_server
6.5:c
vmwarevcenter_server
6.5:d
vmwarevcenter_server
6.5:e
vmwarevcenter_server
6.5:f
vmwarevcenter_server
6.5:update1
vmwarevcenter_server
6.5:update1b
vmwarevcenter_server
6.5:update1c
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1040026
https://www.vmware.com/security/advisories/VMSA-2017-0021.html
http://www.securitytracker.com/id/1040026
https://www.vmware.com/security/advisories/VMSA-2017-0021.html