VU#928116 - CVE-2017-10353: Oracle Virtualization Virtual media users lacking virtualbox extensions. Vulnerability in the Virtualization component of Oracle Virtualization (subcomponent: Virtual media). Supported versions that are affected are prior to 5.1.3. Easily exploitable vulnerability allows user with low privileged access to escalate privileges to root. Successful attacks of this vulnerability can result in privilege escalation to root. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). VU#928116 - CVE-2017-10353: Oracle Virtualization Virtual media users lacking virtualbox extensions. Vulnerability in the Virtualization component of Oracle Virtualization (subcomponent: Virtual media). Supported versions that are affected are prior to 5.1.3. Easily exploitable vulnerability allows user with low privileged access to escalate privileges to root. Successful attacks of this vulnerability can result in privilege escalation to root. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). VU#928116 - CVE-2017-10353: Oracle Virtualization Virtual media users lacking virtualbox extensions. Vulnerability in the Virtualization component of Oracle Virtualization (subcomponent: Virtual media). Supported versions that are affected are prior to 5.1.3. Easily exploitable vulnerability allows user with low privileged access to escalate privileges to root. Successful attacks of this vulnerability can result in privilege escalation to root. CVSS 3.

Oracle Virtualization (subcomponent: Virtual media)

Vulnerability in the Virtualization component of Oracle Virtualization (subcomponent: Virtual media). Supported versions that are affected are prior to 5.1.3.
Easily exploitable vulnerability allows user with low privileged access to escalate privileges to root. Successful attacks of this vulnerability can result in privilege escalation to root. CVSS 3.1 Base Score 6.5 (Confidentiality impacts).

Oracle Virtualization Special Conditions and Considerations

The following Oracle Virtualization special conditions apply:
- This vulnerability does not affect the Oracle Solaris OS release.
- This vulnerability is fixed in the current release.
- Vulnerability in the Virtualization component of Oracle Virtualization (subcomponent: Virtual media). Supported versions that are affected are prior to 5.1.3. Easily exploitable vulnerability allows user with low privileged access to escalate privileges to root. Successful attacks of this vulnerability can result in privilege escalation to root. CVSS 3.1 Base Score 6.5 (Confidentiality impacts).

Oracle Linux and Oracle Virtualization

Oracle Linux and Oracle Virtualization (OVM) are both Linux-based operating systems that offer a wide range of features.

Oracle Virtualization (subcomponent: Process Management)

VU#928116 - CVE-2017-10353: Oracle Virtualization Virtual media users lacking virtualbox extensions. Vulnerability in the Virtualization component of Oracle Virtualization (subcomponent: Process Management). Supported versions that are affected are prior to 5.1.3. Easily exploitable vulnerability allows user with low privileged access to escalate privileges to root. Successful attacks of this vulnerability can result in privilege escalation to root. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). VU#928116 - CVE-2017-10353: Oracle Virtualization Virtual media users lacking virtualbox extensions. Vulnerability in the Virtualization component of Oracle Virtualization (subcomponent: Process Management). Supported versions that are affected are prior to 5.1.3. Easily exploitable vulnerability allows user with low privileged access to escalate privileges to root. Successful attacks of this vulnerability can result in privilege escalation to root. CVSS 3.1 Base Score 6.5 (Confidentiality impacts).

Timeline

Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/18/2022 21:18:00 UTC

References