vulnerability
VMware vCenter Server: CVE-2017-4921 (VMSA-2017-0013)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:P/I:P/A:P) | Aug 1, 2017 | Jul 25, 2022 | Apr 15, 2026 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Published
Aug 1, 2017
Added
Jul 25, 2022
Modified
Apr 15, 2026
Description
VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure library loading issue that occurs due to the use of LD_LIBRARY_PATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation.
Solution
vmware-vcenter-server-upgrade-latest
References
- CVE-2017-4921
- https://attackerkb.com/topics/CVE-2017-4921
- http://www.securityfocus.com/bid/100006
- http://www.securitytracker.com/id/1039013
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2017-14038
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23509
- EUVD-EUVD-2017-14038
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.