SB2017072701 - Multiple vulnerabilities in VMware vCenter Server and Tools
Published: August 1, 2017
Description
This security bulletin contains information about 4 security vulnerabilities.
1) Race condition (CVE-ID: CVE-2015-5191)
The vulnerability allows a local attacker to gain elevated privileges.
The vulnerability exists due to a race condition in the libDeployPkg component. A local attacker can use the hard-coded paths under /tmp to trigger a race condition and gain root privileges on the system.
2) Information disclosure (CVE-ID: CVE-2017-4922)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to improper storage of sensitive information by the service startup script. A remote attacker can trigger a restart of the service startup script and access important data that may be used to conduct further attacks.
Successful exploitation of the vulnerability results in information disclosure.
3) Information disclosure (CVE-ID: CVE-2017-4923)
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to improper security restrictions set on the vCenter Server Appliance file-based backup feature. A remote attacker can use the file-based backup feature to access important data, such as plaintext credentials, that may be used to conduct further attacks.
Successful exploitation of the vulnerability results in information disclosure.
4) Insecure DLL library loading (CVE-ID: CVE-2017-4921)
The vulnerability allows a remote attacker to gain elevated privileges.
The vulnerability exists due to an insecure library loading flaw involving the LD_LIBRARY_PATH variable. A remote attacker can trick the victim into executing wrapper scripts from a world-writable directory and gain elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
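A defender-side check related to item 4, added here as an example that is not part of the bulletin or of VMware's code: it audits an LD_LIBRARY_PATH-style value for entries where a local user could place a library. It goes beyond the world-writable case named above and also flags empty and relative entries, which the dynamic loader resolves against the current working directory; the function names and sample values are constructed for illustration.

```python
import os
import stat
import tempfile


def audit_library_path(value):
    """Return (entry, reason) findings for an LD_LIBRARY_PATH-style string."""
    findings = []
    if not value:
        return findings  # unset or empty: no extra search directories
    for entry in value.split(":"):
        if entry == "":
            # ld.so treats a zero-length entry as the current directory.
            findings.append((entry, "empty entry (current working directory)"))
            continue
        if not os.path.isabs(entry):
            findings.append((entry, "relative path"))
            continue
        try:
            mode = os.stat(entry).st_mode
        except OSError:
            findings.append((entry, "cannot be inspected"))
            continue
        # The sticky bit does not help here: anyone can still add new files.
        if stat.S_ISDIR(mode) and mode & stat.S_IWOTH:
            findings.append((entry, "world-writable directory"))
    return findings


def demo():
    """Audit a constructed value; returns the reasons in entry order."""
    safe = tempfile.mkdtemp()
    os.chmod(safe, 0o755)
    open_dir = tempfile.mkdtemp()
    os.chmod(open_dir, 0o777)  # constructed world-writable directory
    # Constructed value: the trailing ':' is what PREFIX:$LD_LIBRARY_PATH
    # expands to in a wrapper script when the variable was unset.
    value = ":".join([safe, open_dir, "lib", ""])
    try:
        return [reason for _, reason in audit_library_path(value)]
    finally:
        os.rmdir(safe)
        os.rmdir(open_dir)


if __name__ == "__main__":
    for reason in demo():
        print(reason)
```

Run it against the value a service or wrapper script actually exports, for example the `LD_LIBRARY_PATH` line read from `/proc/<pid>/environ` of the running process.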
Remediation
Install the update from the vendor's website.