CVE-2014-8373

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.vmware.com/security/advisories/VMSA-2014-0013.html", "name": "http://www.vmware.com/security/advisories/VMSA-2014-0013.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/61169", "name": "61169", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id/1031323", "name": "1031323", "tags": [], "refsource": "SECTRACK"}, {"url": "http://seclists.org/fulldisclosure/2014/Dec/33", "name": "20141209 NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability", "tags": [], "refsource": "FULLDISC"}, {"url": "http://packetstormsecurity.com/files/129455/VMware-Security-Advisory-2014-0013.html", "name": "http://packetstormsecurity.com/files/129455/VMware-Security-Advisory-2014-0013.html", "tags": [], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/archive/1/534186/100/0/threaded", "name": "20141209 NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6.1.1 allows remote authenticated users to gain privileges via vectors involving the \"Connect (by) Using VMRC\" function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-8373", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-12-11T15:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:vmware:vcloud_automation_center:6.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:vcloud_automation_center:6.0.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:vcloud_automation_center:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:vcloud_automation_center:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vmware:vcloud_automation_center:6.0.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-09T19:53Z"}