CVE-2017-4922

MEDIUM

VMware vCenter Server <6.5 U1 - Info Disclosure

Title source: llm

Description

VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical information when the service gets restarted.

References (3)

Scores

CVSS v3 6.5
EPSS 0.0044
EPSS Percentile 63.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
vmware/vcenter_server
n/a/n/a
Published Aug 01, 2017
Tracked Since Feb 18, 2026