Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.1.1:*:*:*:*:vagrant:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-12579 |
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell. Published: October 19, 2017; 9:29:00 AM -0400 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-11741 |
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts. Published: August 08, 2017; 3:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-7642 |
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable. Published: August 02, 2017; 3:29:00 PM -0400 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |