RSS   Vulnerabilities for 'Vagrant'   RSS

2017-11-16
 
CVE-2017-16777

CWE-264
 

 
If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root.

 
2017-11-06
 
CVE-2017-16001

CWE-264
 

 
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.

 

 >>> Vendor: Hashicorp 3 Products
Vagrant vmware fusion
Vagrant
Terraform


Copyright 2019, cxsecurity.com

 

Back to Top