6.9

CVE-2015-0012

Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machine Manager Elevation of Privilege Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftVirtual Machine Manager Version2012 Updater2_rollup4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.64% 0.733
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/bid/72473
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1031726
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1034652
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-017
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/100428
VDB Entry