Vulnerability Details CVE-2017-11741
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 61.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 7.2
Products affected by CVE-2017-11741
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:2.3.5
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:2.3.6
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:2.4.0
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:2.5.0
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.0.0
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.0.1
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.1.0
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.1.1
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.1.2
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.0
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.1
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.10
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.11
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.12
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.2
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.3
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.4
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.5
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.6
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.7
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.8
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:3.2.9
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.0
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.1
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.11
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.12
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.13
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.14
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.15
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.16
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.17
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.18
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.2
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.20
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.21
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.22
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.23
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.3
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.4
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.6
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.7
-
cpe:2.3:a:hashicorp:vagrant_vmware_fusion:4.0.8