VMware vCenter Server Appliance 6.5 < 6.5 U1 Multiple Vulnerabilities (VMSA-2017-0013)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

A virtualization appliance installed on the remote host is affected by
multiple vulnerabilities.

Description :

The version of VMware vCenter Server Appliance installed on the remote
host is 6.5 prior to 6.5 Update 1 (6.5 U1). It is, therefore, affected by
multiple vulnerabilities :

- An insecure library loading issue exists due to the use
of the LD_LIBRARY_PATH variable to look for specific
files or libraries that include the current working
directory, which may not be trusted or under user
control. An unauthenticated, remote attacker can exploit
this, by placing a specially crafted library in the path
before the installer is run, to inject and execute
arbitrary code in the context of the current user.
(CVE-2017-4921)

- An information disclosure vulnerability exists in the
service startup script due to the use of insecure world
writable directories for temporary storage of critical
information. A local attacker can exploit this to
disclose sensitive information. (CVE-2017-4922)

- An information disclosure vulnerability exists in the
file-based backup feature due to the storage of
sensitive information in plaintext. An unauthenticated,
remote attacker can exploit this to disclose
credentials.(CVE-2017-4923)

See also :

https://www.vmware.com/security/advisories/VMSA-2017-0013.html

Solution :

Upgrade to VMware vCenter Server Appliance 6.5 Update 1 (6.5 U1) or
later.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.1
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 102084 ()

Bugtraq ID: 99997
100006
100012

CVE ID: CVE-2017-4921
CVE-2017-4922
CVE-2017-4923

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now