Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2020-4005 | First vendor Publication | 2020-11-20 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.8 | ||
Base Score | 7.8 | Environmental Score | 7.8 |
impact SubScore | 5.9 | Temporal Score | 7.8 |
Exploitabality Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | Low | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004) |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4005 |
CPE : Common Platform Enumeration
Sources (Detail)
Source | Url |
---|
Alert History
Date | Informations |
---|---|
2024-11-28 13:45:26 |
|
2022-12-17 01:53:32 |
|
2022-12-16 01:50:58 |
|
2022-04-09 01:50:31 |
|
2022-01-08 01:43:14 |
|
2021-11-30 12:45:19 |
|
2021-08-05 01:39:18 |
|
2021-07-21 17:23:11 |
|
2021-05-04 14:02:43 |
|
2021-04-22 03:03:28 |
|
2021-04-06 01:33:37 |
|
2020-12-03 21:23:27 |
|
2020-11-21 05:22:53 |
|
2020-11-21 00:22:51 |
|