Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2017-4952

UNKNOWN
Published 2018-05-02T14:00:00Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-4952. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1,1.4.2-CR4_1, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient access controls for utility endpoints. Successful exploitation of this issue may result in information disclosure.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

VMware

VMware Xenon

Affected Versions:

1.x prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1,1.4.2-CR4_1, and 1.5.4_8.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-rmq6-x837-659x

Advisory Details

VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1,1.4.2-CR4_1, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient access controls for utility endpoints. Successful exploitation of this issue may result in information disclosure.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-4952
WEB https://github.com/vmware/xenon/commit/055ae13603f0cc3cd7cf59f20ce314bf8db583e1
WEB https://github.com/vmware/xenon/commit/06b9947cf603ba40fd8b03bfeb2e84528a7ab592
WEB https://github.com/vmware/xenon/commit/30ae41bccf418d88b52b35a81efb3c1304b798f8
WEB https://github.com/vmware/xenon/commit/5682ef8d40569afd00fb9a5933e7706bb5b66713
WEB https://github.com/vmware/xenon/commit/756d893573414eec8635c2aba2345c4dcf10b21c
WEB https://github.com/vmware/xenon/commit/7a747d82b80cd38d2c11a0d9cdedb71c722a2c75
WEB https://github.com/vmware/xenon/commit/b1fd306047ecdac82661d636ebee801a7f2b3a0a
WEB https://github.com/vmware/xenon/commit/c23964eb57e846126daef98ef7ed15400313e977
WEB https://github.com/vmware/xenon/commit/ec30db9afada9cb52852082ce4d7d0095524f3b3
WEB http://seclists.org/oss-sec/2018/q1/153
WEB http://www.securityfocus.com/bid/103093

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://github.com/vmware/xenon/commit/b1fd306047ecdac82661d636ebee801a7f2b3a0a
https://github.com/vmware/xenon/commit/30ae41bccf418d88b52b35a81efb3c1304b798f8
http://www.securityfocus.com/bid/103093
https://github.com/vmware/xenon/commit/756d893573414eec8635c2aba2345c4dcf10b21c
http://seclists.org/oss-sec/2018/q1/153
https://github.com/vmware/xenon/commit/5682ef8d40569afd00fb9a5933e7706bb5b66713
https://github.com/vmware/xenon/commit/ec30db9afada9cb52852082ce4d7d0095524f3b3
https://github.com/vmware/xenon/commit/055ae13603f0cc3cd7cf59f20ce314bf8db583e1
https://github.com/vmware/xenon/commit/c23964eb57e846126daef98ef7ed15400313e977
https://github.com/vmware/xenon/commit/7a747d82b80cd38d2c11a0d9cdedb71c722a2c75
https://github.com/vmware/xenon/commit/06b9947cf603ba40fd8b03bfeb2e84528a7ab592
Published: 2018-05-02T14:00:00Z
Last Modified: 2024-09-16T23:41:59.277Z
Copied to clipboard!