Lucene search

[email protected]CVE-2017-4933

HistoryDec 20, 2017 - 3:29 p.m.

CVE-2017-4933

2017-12-2015:29:00

CWE-787

[email protected]

web.nvd.nist.gov

vmware

esxi

workstation

fusion

vnc

authentication

vulnerability

heap overflow

remote code execution

nvd

cve-2017-4933

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.15 Low

EPSS

Percentile

95.8%

JSON

VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine’s .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.

Affected configurations

NVD

Node

vmwareworkstation_proRange12.0.0–12.5.8

vmwareworkstation_proMatch14.0

vmwareworkstation_proMatch14.1.0

vmwareesxiMatch6.5-

vmwareesxiMatch6.5650-201701001

vmwareesxiMatch6.5650-201703001

vmwareesxiMatch6.5650-201703002

vmwareesxiMatch6.5650-201704001

vmwareesxiMatch6.5650-201707101

vmwareesxiMatch6.5650-201707102

vmwareesxiMatch6.5650-201707103

vmwareesxiMatch6.5650-201707201

vmwareesxiMatch6.5650-201707202

vmwareesxiMatch6.5650-201707203

vmwareesxiMatch6.5650-201707204

vmwareesxiMatch6.5650-201707205

vmwareesxiMatch6.5650-201707206

vmwareesxiMatch6.5650-201707207

vmwareesxiMatch6.5650-201707208

vmwareesxiMatch6.5650-201707209

vmwareesxiMatch6.5650-201707210

vmwareesxiMatch6.5650-201707211

vmwareesxiMatch6.5650-201707212

vmwareesxiMatch6.5650-201707213

vmwareesxiMatch6.5650-201707214

vmwareesxiMatch6.5650-201707215

vmwareesxiMatch6.5650-201707216

vmwareesxiMatch6.5650-201707217

vmwareesxiMatch6.5650-201707218

vmwareesxiMatch6.5650-201707219

vmwareesxiMatch6.5650-201707220

vmwareesxiMatch6.5650-201707221

vmwareesxiMatch6.5650-201710001

Node

applemac_os_xMatch-

AND

vmwarefusionRange8.0.0–8.5.9

CPENameOperatorVersion
vmware:workstation_provmware workstation prolt12.5.8
vmware:workstation_provmware workstation proeq14.0
vmware:workstation_provmware workstation proeq14.1.0
vmware:esxivmware esxieq6.5

CPE	Name	Operator	Version
vmware:workstation_pro	vmware workstation pro	lt	12.5.8
vmware:workstation_pro	vmware workstation pro	eq	14.0
vmware:workstation_pro	vmware workstation pro	eq	14.1.0
vmware:esxi	vmware esxi	eq	6.5

CNA Affected

[
  {
    "product": "ESXi",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "6.5 before ESXi650-201710401-BG"
      }
    ]
  },
  {
    "product": "Workstation",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "12.x before 12.5.8"
      }
    ]
  },
  {
    "product": "Fusion",
    "vendor": "VMware",
    "versions": [
      {
        "status": "affected",
        "version": "8.x before 8.5.9"
      }
    ]
  }
]