cve-2021-22042
Vulnerability from cvelistv5
Published
2022-02-16 16:37
Modified
2024-08-03 18:30
Severity ?
Summary
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.
References
security@vmware.comhttps://www.vmware.com/security/advisories/VMSA-2022-0004.htmlPatch, Vendor Advisory
Impacted products
n/aVMware ESXi and VMware Cloud Foundation
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:30:23.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMware ESXi and VMware Cloud Foundation",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "VMware ESXi(7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878 and 7.0 U1 before ESXi70U1e-19324898) and VMware Cloud Foundation 4.x before 4.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Unauthorized access vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-16T16:37:54",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "ID": "CVE-2021-22042",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMware ESXi and VMware Cloud Foundation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "VMware ESXi(7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878 and 7.0 U1 before ESXi70U1e-19324898) and VMware Cloud Foundation 4.x before 4.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Unauthorized access vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html",
              "refsource": "MISC",
              "url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2021-22042",
    "datePublished": "2022-02-16T16:37:54",
    "dateReserved": "2021-01-04T00:00:00",
    "dateUpdated": "2024-08-03T18:30:23.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-22042\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2022-02-16T17:15:10.537\",\"lastModified\":\"2022-02-25T18:07:59.593\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.\"},{\"lang\":\"es\",\"value\":\"VMware ESXi contiene una vulnerabilidad de acceso no autorizado debido a que VMX presenta acceso a los tickets de autorizaci\u00f3n de settingsd. Un actor malicioso con privilegios s\u00f3lo dentro del proceso VMX, puede ser capaz de acceder al servicio settingsd que es ejecutado como un usuario con altos privilegios\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":4.6},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.4\",\"matchCriteriaId\":\"DBED072F-DE79-41C6-AD4F-02E10BD27FBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E3A02D-6C1E-4DE8-B845-60F53C056F32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4ADC3CFF-7415-46A5-817A-2F053B261E8C\"}]}]}],\"references\":[{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2022-0004.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.