cve-2020-24718
Vulnerability from cvelistv5
Published
2020-09-25 03:49
Modified
2024-08-04 15:19
Severity ?
EPSS score ?
Summary
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:19:09.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20201016-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-16T10:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20201016-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-24718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249",
"refsource": "MISC",
"url": "https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249"
},
{
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc",
"refsource": "CONFIRM",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc"
},
{
"name": "https://security.netapp.com/advisory/ntap-20201016-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20201016-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24718",
"datePublished": "2020-09-25T03:49:02",
"dateReserved": "2020-08-27T00:00:00",
"dateUpdated": "2024-08-04T15:19:09.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.2\", \"matchCriteriaId\": \"B985F217-C03B-4FB4-9967-55793399E30F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"F35957CE-AF9F-40CA-BDD1-FA6A0E73783F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA929713-B797-494A-853D-C121D9D69519\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p10:*:*:*:*:*:*\", \"matchCriteriaId\": \"B87AF171-95AC-4DDA-8D94-694F85638B46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p11:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CC8B031-41BB-4846-B092-7E4BC6F35D6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p12:*:*:*:*:*:*\", \"matchCriteriaId\": \"83E34012-BC9D-4F0C-AAE1-FE5767B4EED6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p13:*:*:*:*:*:*\", \"matchCriteriaId\": \"57EF03AC-0934-46FD-A77C-76A0CAF4342C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C3D8EDC-91D3-45B2-AC1D-EF4346D4A714\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA5006FF-06A5-4D95-BF5B-29F26248D11F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"A705031B-FD63-4076-B92E-E826E11D7111\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"11C1EFB1-68E5-45F4-A7E1-744574F290D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"25F649A7-9265-4552-8934-BCE083363982\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"F202C856-5B95-4796-AC4A-1F210E7BAB8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p8:*:*:*:*:*:*\", \"matchCriteriaId\": \"9419C866-C478-4CDE-A9A1-E592D8FF0933\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:p9:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B6DFC23-A7A1-431A-9AD9-A820579F95F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.3:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"E03E6445-DD63-44E8-85D1-3971253F395A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A865EA1-01D7-4E5A-9D13-80780F8A9D7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.4:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B80FBD1B-D03E-4408-9150-2F86FAF7F1D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FCA6A72-2A72-45FD-A43D-B5BF7C329121\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"90F9B3CB-3B60-4AA8-9EAF-4F0BE7D27691\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C04EE177-C7D1-4049-B680-F961A27C677F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.4:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B0FB7BE-DB4E-47CE-8B51-C43DC5AADD17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:11.4:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D427061-B399-47BA-865D-9FAB315210CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"826B53C2-517F-4FC6-92E8-E7FCB24F91B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"93F10A46-AEF2-4FDD-92D6-0CF07B70F986\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p10:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C7B8FCA-2170-469A-B6D6-2C6AB254F20F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p11:*:*:*:*:*:*\", \"matchCriteriaId\": \"E94067A1-5C68-4401-A7B6-29B4FE553733\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p12:*:*:*:*:*:*\", \"matchCriteriaId\": \"87EE567B-7604-41CC-B0A7-B51255D4C240\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E1AD57A9-F53A-4E40-966E-F2F50852C5E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4029113-130F-4A33-A8A0-BC3E74000378\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"46C5A6FD-7BBF-4E84-9895-8EE14DC846E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D71D083-3279-4DF4-91E1-38C373DD062F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"882669AB-BCFC-4517-A3E9-33D344F1ED0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC3D24FB-50A2-4E37-A479-AF21F8ECD706\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p8:*:*:*:*:*:*\", \"matchCriteriaId\": \"3070787D-76E1-4671-B99D-213F7103B3A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.0:p9:*:*:*:*:*:*\", \"matchCriteriaId\": \"0140276F-9C31-4B5C-A5AC-DE0EBB885275\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD730B6A-F123-4685-ACB3-4F20AAAB77F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"508150E3-2C0C-4EEB-BFC9-BB5CEB404C06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5D692EF-A5D7-430E-91BA-4CD137343B66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"D50C60A7-4C9F-4636-92E9-9F5B8B01BE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C49F6C7-A740-42F4-93BB-512CBF334516\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"402740C4-5B55-423F-BAD2-F742E1E21ADC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DCAA10A-C612-45E0-84B7-55897F49D65E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p7:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB6258A5-8066-48B8-A417-09A1547DD57A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p8:*:*:*:*:*:*\", \"matchCriteriaId\": \"6601C7C4-EC36-4EAA-90AC-D3156A2BF330\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:freebsd:freebsd:12.1:p9:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDCBC06C-B16B-498A-A99B-5F9F17C5FF03\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:omniosce:omnios:*:*:*:*:community:*:*:*\", \"versionEndIncluding\": \"r151034\", \"matchCriteriaId\": \"6F88A2E7-1972-4CBD-9197-9680DCF9806F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:openindiana:openindiana:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"hipster_2020.04\", \"matchCriteriaId\": \"2F91E6EC-CDE1-4B4B-B556-1B91C0CA5BEA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FE996B1-6951-4F85-AA58-B99A379D2163\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.\"}, {\"lang\": \"es\", \"value\": \"bhyve, como es usado en FreeBSD versiones hasta 12.1 e illumos (por ejemplo, OmniOS CE versiones hasta r151034 y OpenIndiana versiones hasta Hipster 2020.04), no restringe apropiadamente las operaciones de lectura y de escritura de VMCS y VMCB, como es demostrado por un usuario root en un contenedor en un sistema Intel, qui\\u00e9n puede alcanzar privilegios al modificar VMCS_HOST_RIP\"}]",
"id": "CVE-2020-24718",
"lastModified": "2024-11-21T05:15:57.703",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.5, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-09-25T04:23:04.683",
"references": "[{\"url\": \"https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201016-0002/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20201016-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-862\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-24718\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-09-25T04:23:04.683\",\"lastModified\":\"2024-11-21T05:15:57.703\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.\"},{\"lang\":\"es\",\"value\":\"bhyve, como es usado en FreeBSD versiones hasta 12.1 e illumos (por ejemplo, OmniOS CE versiones hasta r151034 y OpenIndiana versiones hasta Hipster 2020.04), no restringe apropiadamente las operaciones de lectura y de escritura de VMCS y VMCB, como es demostrado por un usuario root en un contenedor en un sistema Intel, qui\u00e9n puede alcanzar privilegios al modificar VMCS_HOST_RIP\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.2\",\"matchCriteriaId\":\"B985F217-C03B-4FB4-9967-55793399E30F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F35957CE-AF9F-40CA-BDD1-FA6A0E73783F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA929713-B797-494A-853D-C121D9D69519\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"B87AF171-95AC-4DDA-8D94-694F85638B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CC8B031-41BB-4846-B092-7E4BC6F35D6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E34012-BC9D-4F0C-AAE1-FE5767B4EED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p13:*:*:*:*:*:*\",\"matchCriteriaId\":\"57EF03AC-0934-46FD-A77C-76A0CAF4342C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C3D8EDC-91D3-45B2-AC1D-EF4346D4A714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA5006FF-06A5-4D95-BF5B-29F26248D11F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A705031B-FD63-4076-B92E-E826E11D7111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"11C1EFB1-68E5-45F4-A7E1-744574F290D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"25F649A7-9265-4552-8934-BCE083363982\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F202C856-5B95-4796-AC4A-1F210E7BAB8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"9419C866-C478-4CDE-A9A1-E592D8FF0933\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B6DFC23-A7A1-431A-9AD9-A820579F95F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.3:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E03E6445-DD63-44E8-85D1-3971253F395A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A865EA1-01D7-4E5A-9D13-80780F8A9D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B80FBD1B-D03E-4408-9150-2F86FAF7F1D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FCA6A72-2A72-45FD-A43D-B5BF7C329121\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"90F9B3CB-3B60-4AA8-9EAF-4F0BE7D27691\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C04EE177-C7D1-4049-B680-F961A27C677F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B0FB7BE-DB4E-47CE-8B51-C43DC5AADD17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.4:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D427061-B399-47BA-865D-9FAB315210CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"826B53C2-517F-4FC6-92E8-E7FCB24F91B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"93F10A46-AEF2-4FDD-92D6-0CF07B70F986\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C7B8FCA-2170-469A-B6D6-2C6AB254F20F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p11:*:*:*:*:*:*\",\"matchCriteriaId\":\"E94067A1-5C68-4401-A7B6-29B4FE553733\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p12:*:*:*:*:*:*\",\"matchCriteriaId\":\"87EE567B-7604-41CC-B0A7-B51255D4C240\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1AD57A9-F53A-4E40-966E-F2F50852C5E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4029113-130F-4A33-A8A0-BC3E74000378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"46C5A6FD-7BBF-4E84-9895-8EE14DC846E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D71D083-3279-4DF4-91E1-38C373DD062F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"882669AB-BCFC-4517-A3E9-33D344F1ED0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC3D24FB-50A2-4E37-A479-AF21F8ECD706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"3070787D-76E1-4671-B99D-213F7103B3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.0:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"0140276F-9C31-4B5C-A5AC-DE0EBB885275\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD730B6A-F123-4685-ACB3-4F20AAAB77F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"508150E3-2C0C-4EEB-BFC9-BB5CEB404C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5D692EF-A5D7-430E-91BA-4CD137343B66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D50C60A7-4C9F-4636-92E9-9F5B8B01BE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C49F6C7-A740-42F4-93BB-512CBF334516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"402740C4-5B55-423F-BAD2-F742E1E21ADC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DCAA10A-C612-45E0-84B7-55897F49D65E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB6258A5-8066-48B8-A417-09A1547DD57A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"6601C7C4-EC36-4EAA-90AC-D3156A2BF330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:12.1:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDCBC06C-B16B-498A-A99B-5F9F17C5FF03\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:omniosce:omnios:*:*:*:*:community:*:*:*\",\"versionEndIncluding\":\"r151034\",\"matchCriteriaId\":\"6F88A2E7-1972-4CBD-9197-9680DCF9806F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:openindiana:openindiana:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"hipster_2020.04\",\"matchCriteriaId\":\"2F91E6EC-CDE1-4B4B-B556-1B91C0CA5BEA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE996B1-6951-4F85-AA58-B99A379D2163\"}]}]}],\"references\":[{\"url\":\"https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20201016-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/illumos/illumos-gate/blob/84971882a96ac0fecd538b02208054a872ff8af3/usr/src/uts/i86pc/io/vmm/intel/vmcs.c#L246-L249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-20:28.bhyve_vmcs.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20201016-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.