Oracle VM VirtualBox يصل إلى6.1.23 Core Local Privilege Escalation

مجال21/07/2021 10:3825/07/2021 19:5425/07/2021 20:02
vendorOracleOracleOracle
nameVM VirtualBoxVM VirtualBoxVM VirtualBox
cveCVE-2021-2409CVE-2021-2409CVE-2021-2409
componentCoreCoreCore
risk222
cvss3_vuldb_avLLL
cvss3_vuldb_acLLL
cvss3_vuldb_prHHH
cvss3_vuldb_uiNNN
cvss3_vuldb_sCCC
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
version<=6.1.23<=6.1.23<=6.1.23
urlhttps://www.oracle.com/security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpujul2021.html
date1626732000 (20/07/2021)1626732000 (20/07/2021)1626732000 (20/07/2021)
date1626732000 (20/07/2021)1626732000 (20/07/2021)1626732000 (20/07/2021)
identifierOracle Critical Patch Update Advisory - July 2021Oracle Critical Patch Update Advisory - July 2021Oracle Critical Patch Update Advisory - July 2021
nameUpgradeUpgradeUpgrade
typeVirtualization SoftwareVirtualization SoftwareVirtualization Software
cvss2_vuldb_avLLL
cvss2_vuldb_acLLL
cvss2_vuldb_auMMM
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore6.56.56.5
cvss2_vuldb_tempscore5.75.75.7
cvss3_vuldb_basescore8.28.28.2
cvss3_vuldb_tempscore7.87.87.8
cvss3_meta_basescore8.28.28.2
cvss3_meta_tempscore7.87.87.8
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned1607468400 (09/12/2020)1607468400 (09/12/2020)
cve_nvd_summaryVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
cvss2_nvd_avL
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cve_cnaOracle
cvss2_nvd_basescore4.6

Do you need the next level of professionalism?

Upgrade your account now!