CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
EPSS
Percentile
26.1%
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization
(component: Core). Supported versions that are affected are Prior to
5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable
vulnerability allows high privileged attacker with logon to the
infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM
VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may
significantly impact additional products. Successful attacks of this
vulnerability can result in unauthorized read access to a subset of Oracle
VM VirtualBox accessible data. CVSS 3.0 Base Score 3.2 (Confidentiality
impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | virtualbox | < any | UNKNOWN |
ubuntu | 20.04 | noarch | virtualbox | < 6.1.16-dfsg-6~ubuntu1.20.04.1 | UNKNOWN |
ubuntu | 20.10 | noarch | virtualbox | < 6.1.16-dfsg-6~ubuntu1.20.10.1 | UNKNOWN |
ubuntu | 16.04 | noarch | virtualbox | < any | UNKNOWN |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
EPSS
Percentile
26.1%