VMware vCenter Server Appliance 6.5 < 6.5 U1d Local Privilege Escalation (VMSA-2017-0021)

High Nessus Plugin ID 105514


A virtualization appliance installed on the remote host is affected by a local privilege escalation vulnerability.


The version of VMware vCenter Server Appliance installed on the remote host is 6.5 prior to 6.5 Update 1d (6.5 U1d). It is, therefore, affected by a local privilege escalation vulnerability in the 'showlog' plugin.


Upgrade to VMware vCenter Server Appliance 6.5 Update 1d (6.5 U1d) or later.

See Also


Plugin Details

Severity: High

ID: 105514

File Name: vmware_vcenter_server_appliance_vmsa-2017-0021.nasl

Version: $Revision: 1.2 $

Type: local

Family: Misc.

Published: 2018/01/03

Modified: 2018/01/04

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C


Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:vcenter_server_appliance

Required KB Items: Host/VMware vCenter Server Appliance/Version, Host/VMware vCenter Server Appliance/Build

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2017/12/19

Vulnerability Publication Date: 2017/12/19

Reference Information

CVE: CVE-2017-4943

BID: 102242

OSVDB: 171224