{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-31676","assignerOrgId":"dcf2e128-44bd-42ed-91e8-88f912c1401d","assignerShortName":"vmware","dateUpdated":"2024-08-03T07:26:00.916Z","dateReserved":"2022-05-25T00:00:00.000Z","datePublished":"2022-08-23T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"dcf2e128-44bd-42ed-91e8-88f912c1401d","shortName":"vmware","dateUpdated":"2022-10-31T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine."}],"affected":[{"vendor":"n/a","product":"VMware Tools","versions":[{"version":"VMware Tools (12.0.0, 11.x.y and 10.x.y)","status":"affected"}]}],"references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2022-0024.html"},{"name":"[oss-security] 20220823 [SECURITY ADVISORY] open-vm-tools: Local privilege escalation vulnerability (CVE-2022-31676)","tags":["mailing-list"],"url":"http://www.openwall.com/lists/oss-security/2022/08/23/3"},{"name":"DSA-5215","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2022/dsa-5215"},{"name":"[debian-lts-announce] 20220825 [SECURITY] [DLA 3081-1] open-vm-tools security update","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00013.html"},{"name":"FEDORA-2022-cd23eac6f4","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4TZF6QRJIDECGMEGBPXJCHZ6YC3VZ6Z/"},{"name":"FEDORA-2022-1b8d3b2845","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C5VV2R4LV4T3SNQJYRLFD4C75HBDVV76/"},{"name":"FEDORA-2022-1c9c0bacaf","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZA63DWRW7HROTVBNRIPBJQWBYIYAQMEW/"},{"url":"https://security.netapp.com/advisory/ntap-20221017-0003/"},{"name":"GLSA-202210-27","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/202210-27"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Local privilege escalation vulnerability"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T07:26:00.916Z"},"title":"CVE Program Container","references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2022-0024.html","tags":["x_transferred"]},{"name":"[oss-security] 20220823 [SECURITY ADVISORY] open-vm-tools: Local privilege escalation vulnerability (CVE-2022-31676)","tags":["mailing-list","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2022/08/23/3"},{"name":"DSA-5215","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2022/dsa-5215"},{"name":"[debian-lts-announce] 20220825 [SECURITY] [DLA 3081-1] open-vm-tools security update","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00013.html"},{"name":"FEDORA-2022-cd23eac6f4","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4TZF6QRJIDECGMEGBPXJCHZ6YC3VZ6Z/"},{"name":"FEDORA-2022-1b8d3b2845","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C5VV2R4LV4T3SNQJYRLFD4C75HBDVV76/"},{"name":"FEDORA-2022-1c9c0bacaf","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZA63DWRW7HROTVBNRIPBJQWBYIYAQMEW/"},{"url":"https://security.netapp.com/advisory/ntap-20221017-0003/","tags":["x_transferred"]},{"name":"GLSA-202210-27","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/202210-27"}]}]}}