SecuritySpace - CVE-2021-21999

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-21999

Description: VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103) contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges.

Test IDs: 1.3.6.1.4.1.25623.1.0.826754

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-21999
https://www.zerodayinitiative.com/advisories/ZDI-21-754/
https://www.vmware.com/security/advisories/VMSA-2021-0013.html
https://www.vmware.com/security/advisories/VMSA-2021-0013.html

CVE ID:	CVE-2021-21999
Description:	VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior to 2.18.10 and 4 prior to 2103) contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by placing a malicious file renamed as `openssl.cnf' in an unrestricted directory which would allow code to be executed with elevated privileges.
Test IDs:	1.3.6.1.4.1.25623.1.0.826754
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-21999 https://www.zerodayinitiative.com/advisories/ZDI-21-754/ https://www.vmware.com/security/advisories/VMSA-2021-0013.html https://www.vmware.com/security/advisories/VMSA-2021-0013.html