CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
9.8%
[email protected] reports:
Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualization (component: Core). Supported versions that are
affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable
vulnerability allows high privileged attacker with logon to the
infrastructure where Oracle VM VirtualBox executes to compromise
Oracle VM VirtualBox. Successful attacks require human interaction
from a person other than the attacker. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox.
CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | virtualbox-ose | < 6.1.46 | UNKNOWN |