Vulnerability Description
VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Identity Manager | >= 2.0, < 2.7 |
| Vmware | Vrealize Automation | >= 7.0, < 7.1 |
References
- http://www.securityfocus.com/bid/92608Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1036685Broken LinkThird Party AdvisoryVDB Entry
- http://www.vmware.com/security/advisories/VMSA-2016-0013.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/92608Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1036685Broken LinkThird Party AdvisoryVDB Entry
- http://www.vmware.com/security/advisories/VMSA-2016-0013.htmlPatchVendor Advisory
FAQ
What is CVE-2016-5335?
CVE-2016-5335 is a vulnerability with a CVSS score of 7.8 (HIGH). VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors.
How severe is CVE-2016-5335?
CVE-2016-5335 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-5335?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Identity Manager, Vmware Vrealize Automation.