CVE-2013-5973

CWE-2643 documents3 sources
Severity
4.4MEDIUM
EPSS
0.0%
top 90.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware ESXVmware Esxi
Timeline
PublishedDec 23
Latest updateMay 14

Description

VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages2 packages

NVDvmware/esxi4 versions+3
NVDvmware/esx4.0, 4.1+1

🔴Vulnerability Details

2
GHSA
GHSA-gw29-qp68-r97c: VMware ESXi 42022-05-14
CVEList
CVE-2013-5973: VMware ESXi 42013-12-23
CVE-2013-5973 (MEDIUM CVSS 4.4) | VMware ESXi 4.0 through 5.5 and ESX | cvebase.io