vulnerability

VMware vCenter Server: CVE-2017-4922 (VMSA-2017-0013)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Aug 1, 2017	Jan 20, 2026	Jan 20, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Aug 1, 2017

Added

Jan 20, 2026

Modified

Jan 20, 2026

Description

VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical information when the service gets restarted.

Solution

vmware-vcenter-server-upgrade-latest

References

CVE-2017-4922
https://attackerkb.com/topics/CVE-2017-4922
URL-http://www.securityfocus.com/bid/100012
URL-http://www.securitytracker.com/id/1039013
URL-https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23509
CWE-200

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today