CVE-2008-4281 — Path Traversal in Vmware ESX

CWE-22 — Path Traversal3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

0.3%

top 48.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ESX Vmware Esxi

Timeline

PublishedNov 10

Latest updateMay 2

Description

Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDvmware/esxi3.5

▶NVDvmware/esx3.5

Patches

Patch: lists.vmware.com ↗Patch: lists.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-26mj-pvmw-qq79: Directory traversal vulnerability in VMWare ESXi 3↗2022-05-02

▶

CVEList

CVE-2008-4281: Directory traversal vulnerability in VMWare ESXi 3↗2008-11-10

▶