Published: 02/08/2017 Updated: 03/10/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) prior to 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hashicorp vagrant vmware fusion

I'm a big fan of Hashicorp but this is an awful bug to have in software of their calibre Their vagrant plugin for vmware fusion uses a product called Ruby Encoder to protect their proprietary ruby code It does this by turning the ruby code into bytecode and executing it directly Unfortunately the execution chain necessary for this to work is ...

Hashicorp vagrant-vmware-fusion versions 4020 and below suffer from a local root privilege escalation vulnerability ...

CWE-426 https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmwarefusion--4020.html https://github.com/hashicorp/vagrant-plugin-changelog/blob/master/vagrant-vmware-changelog.md http://seclists.org/fulldisclosure/2017/Jul/29 https://www.exploit-db.com/exploits/42334/https://nvd.nist.gov https://www.exploit-db.com/exploits/42334/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-7642

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect