VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2023-0003.html | Patch Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
15 Feb 2023, 15:49
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.4 |
CWE | CWE-269 | |
References | (MISC) https://www.vmware.com/security/advisories/VMSA-2023-0003.html - Patch, Release Notes, Vendor Advisory | |
First Time |
Vmware workstation
Microsoft Vmware Microsoft windows |
|
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:vmware:workstation:17.0:*:*:*:*:*:*:* |
03 Feb 2023, 19:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-03 19:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-20854
Mitre link : CVE-2023-20854
CVE.ORG link : CVE-2023-20854
JSON object : View
Products Affected
vmware
- workstation
microsoft
- windows
CWE
CWE-269
Improper Privilege Management