CVE-2014-2486 — Path Traversal in Oracle VM Virtualbox
Severity
3.6LOWNVD
NVD3.0GHSA9.8
EPSS
0.1%
top 76.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 17
Latest updateMay 24
Description
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2477.
CVSS vector
AV:L/AC:M/C:N/I:P/A:PExploitability: 2.7 | Impact: 4.9
Affected Packages2 packages
🔴Vulnerability Details
7GHSA▶
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins↗2022-05-24
GHSA▶
GHSA-mhxv-5q9h-hp9c: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2022-05-14
GHSA▶
GHSA-cfv3-vpqw-2xgj: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2022-05-14
CVEList▶
CVE-2014-2486: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2014-07-17
OSV▶
CVE-2014-2486: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3↗2014-07-17