The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cloud_foundation | Vmware | 3.0 | * |
Cloud_foundation | Vmware | 4.0 | * |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.5 | 6.5 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 6.7 | 6.7 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |
Vcenter_server | Vmware | 7.0 | 7.0 |