CVE-2015-0012

Sažetak

Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machine Manager Elevation of Privilege Vulnerability."

Reference

http://www.securityfocus.com/bid/72473
http://www.securitytracker.com/id/1031726
http://www.securitytracker.com/id/1034652
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-017
https://exchange.xforce.ibmcloud.com/vulnerabilities/100428

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

20-11-2018 - 20:29

Objavljeno

11-02-2015 - 03:00