CVE-2014-3790

Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.

Published: Jun 1, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3790
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
vmware / vcenter_server_appliance	5.1	5.1.x
vmware / vcenter_server_appliance	5.5	5.5.x

http://secunia.com/advisories/58823
http://www.securityfocus.com/bid/67756
http://www.securitytracker.com/id/1030436
http://zerodayinitiative.com/advisories/ZDI-14-159/

Vulnerability Database

289,599

CVE-2014-3790