Vulnerability Details : CVE-2016-5335
VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2016-5335
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-5335
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
References for CVE-2016-5335
-
http://www.securitytracker.com/id/1036685
VMware vRealize Automation Bugs Let Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://www.vmware.com/security/advisories/VMSA-2016-0013.html
VMSA-2016-0013Patch;Vendor Advisory
-
http://www.securityfocus.com/bid/92608
VMware Identity Manager and vRealize Automation Local Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
Products affected by CVE-2016-5335
- cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:identity_manager:*:*:*:*:*:*:*:*