CVE-2014-4199 : vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.

Published 2014-08-28 15:14:09

Updated 2017-08-29 01:34:52

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2014-4199

Vmware » Workstation
Versions up to, including, (<=) 10.0.3
cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*
Matching versions
Vmware » Workstation » Version: 10.0.1
cpe:2.3:a:vmware:workstation:10.0.1:*:*:*:*:*:*:*
Matching versions
Vmware » Workstation » Version: 10.0.2
cpe:2.3:a:vmware:workstation:10.0.2:*:*:*:*:*:*:*
Matching versions
Vmware » Workstation » Version: 10.0
cpe:2.3:a:vmware:workstation:10.0:*:*:*:*:*:*:*
Matching versions
Vmware » Vm-support » Version: 0.88
cpe:2.3:a:vmware:vm-support:0.88:*:*:*:*:*:*:*
Matching versions
Vmware » Tools
cpe:2.3:a:vmware:tools:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2014-4199

Top countries where our scanners detected CVE-2014-4199

Top open port discovered on systems with this issue 443

IPs affected by CVE-2014-4199 38

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2014-4199!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2014-4199

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 6 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-4199

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.3	MEDIUM	AV:L/AC:M/Au:N/C:N/I:C/A:C	3.4	9.2	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2014-4199

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-4199

http://www.securitytracker.com/id/1030758

VMware Tools Temporary File Permission Flaws Lets Local Users Deny Service and Obtain Potentially Sensitive Information - SecurityTracker

CVEs referencing this url
http://seclists.org/fulldisclosure/2014/Aug/71

Full Disclosure: VMware vm-support multiple vulnerabilities
Exploit

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/95493

VMware Support Tool temporary files denial of service CVE-2014-4199 Vulnerability Report