Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Virtual Machine Manager privilege escalation
Published:11.02.2015
Source:
SecurityVulns ID:14256
Type:local
Threat Level:
5/10
Description:Insufficient users role checking.
Affected:MICROSOFT : System Center Virtual Machine Manager 2012
CVE:CVE-2015-0012 (Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machine Manager Elevation of Privilege Vulnerability.")
Files: Microsoft Security Bulletin MS15-017 - Important Vulnerability in Virtual Machine Manager Could Allow Elevation of Privilege (3035898)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod