Oracle VM VirtualBox يصل إلى6.1.23 Core Local Privilege Escalation

مجال21/07/2021 10:3825/07/2021 20:2625/07/2021 20:34
vendorOracleOracleOracle
nameVM VirtualBoxVM VirtualBoxVM VirtualBox
cveCVE-2021-2454CVE-2021-2454CVE-2021-2454
componentCoreCoreCore
risk222
cvss3_vuldb_avLLL
cvss3_vuldb_acHHH
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
version<=6.1.23<=6.1.23<=6.1.23
urlhttps://www.oracle.com/security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpujul2021.html
date1626732000 (20/07/2021)1626732000 (20/07/2021)1626732000 (20/07/2021)
date1626732000 (20/07/2021)1626732000 (20/07/2021)1626732000 (20/07/2021)
identifierOracle Critical Patch Update Advisory - July 2021Oracle Critical Patch Update Advisory - July 2021Oracle Critical Patch Update Advisory - July 2021
nameUpgradeUpgradeUpgrade
typeVirtualization SoftwareVirtualization SoftwareVirtualization Software
cvss2_vuldb_avLLL
cvss2_vuldb_acHHH
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore6.06.06.0
cvss2_vuldb_tempscore5.25.25.2
cvss3_vuldb_basescore7.07.07.0
cvss3_vuldb_tempscore6.76.76.7
cvss3_meta_basescore7.07.07.0
cvss3_meta_tempscore6.76.76.7
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned1607468400 (09/12/2020)1607468400 (09/12/2020)
cve_nvd_summaryVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
cvss2_nvd_avL
cvss2_nvd_acM
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cve_cnaOracle
cvss2_nvd_basescore4.4

Do you know our Splunk app?

Download it now for free!