VMware vRealize Operations Manager 6.6.x < 6.6.1.11286876 / 6.7.x < 6.7.0.11286837 / 7.x < 7.0.0.11287810 Local Privilege Escalation Vulnerability (VMSA-2018-0031)

medium Nessus Plugin ID 119834

Language:

Synopsis

A cloud operations management application running on the remote web server is affected by a local privilege escalation vulnerability.

Description

The version of VMware vRealize Operations (vROps) Manager running on the remote web server is 6.6.x prior to 6.6.1.11286876, 6.7.x prior to 6.7.0.11286837, or 7.x prior to 7.0.0.11287810. It is, therefore, affected by a privilege escalation vulnerability due to improper permissions of support scripts. a local attacker with Admin account shell access can exploit this to gain elevated privileges.

Solution

Upgrade to VMware vRealize Operations Manager version 6.6.1.11286876 or 6.7.0.11286837 or 7.0.0.11287810 or later.

Plugin Details

Severity: Medium

ID: 119834

File Name: vmware_vrealize_operations_manager_VMSA-2018-0031.nasl

Version: 1.3

Type: remote

Family: Misc.

Published: 12/21/2018

Updated: 10/31/2019

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2018-6978

CVSS v3

Risk Factor: Medium

Base Score: 6.7

Temporal Score: 5.8

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:vrealize_operations

Required KB Items: Settings/ParanoidReport, installed_sw/vRealize Operations Manager

Exploit Ease: No known exploits are available

Patch Publication Date: 12/18/2018

Vulnerability Publication Date: 12/18/2018

Reference Information

CVE: CVE-2018-6978

BID: 106242

IAVB: 2018-B-0158

VMSA: 2018-0031

Detections

Analytics