CVE-2017-4919

CVE Database · CVE-2017-4919

CVE-2017-4919

· N/AModified

CVSS v3.1

N/A

EPSS

2.04%

Published

Jul 28, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.

Weaknesses (CWE)

CWE-306

Affected Products (3)

vmware · vcenter_servervulnerable

References (6)

http://www.securityfocus.com/bid/100102

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039004

Third Party AdvisoryVDB Entry

http://www.vmware.com/security/advisories/VMSA-2017-0012.html

MitigationVendor Advisory

http://www.securityfocus.com/bid/100102

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039004

Third Party AdvisoryVDB Entry

http://www.vmware.com/security/advisories/VMSA-2017-0012.html

KEV Catalog EPSS Scores Vendors All CVEs