N/A

VMware vCenter Server (6.5 prior to 6.5 U1) contains an insecure library loading issue that occurs due to the use of LD_LIBRARY_PATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation.

N/A

N/A

VMware vCenter Server 权限许可和访问控制问题漏洞

VMware vCenter Server是美国威睿（VMware）公司的一套服务器和虚拟化管理软件。该软件提供了一个用于管理VMware vSphere环境的集中式平台，可自动实施和交付虚拟基础架构。 VMware vCenter Server 6.5版本中存在安全漏洞，该漏洞源于程序在不安全的操作中只用了‘LD_LIBRARY_PATH’变量。攻击者可利用该漏洞加载共享库，提升权限。

N/A

N/A