CVE-2013-2151 - Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 all

CVE-2013-2151

Summary

Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.

References

http://www.securityfocus.com/bid/60473
http://rhn.redhat.com/errata/RHSA-2013-0925.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/84868

Vulnerable Configurations

cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 13-02-2023 - 04:43)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

rhsa

id	RHSA-2013:0925

rpms

rhev-guest-tools-iso-0:3.2-8

refmap via4

bid	60473
xf	enterprise-cve20132151-priv-esc(84868)

Last major update

13-02-2023 - 04:43

Published

21-01-2014 - 18:55

Last modified

13-02-2023 - 04:43