Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveVmwareCVE-2019-5535
HistoryOct 10, 2019 - 5:15 p.m.

CVE-2019-5535

2019-10-1017:15:18
vmware
web.nvd.nist.gov
53
vmware
workstation
fusion
cve-2019-5535
network
denial-of-service
vulnerability
ipv6
cvssv3

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

25.0%

JSON

VMware Workstation and Fusion contain a network denial-of-service vulnerability due to improper handling of certain IPv6 packets. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.7.

Affected configurations

Nvd
Node
vmwarefusionRange11.0.011.5.0
OR
vmwareworkstationRange15.0.015.5.0
VendorProductVersionCPE
vmwarefusion*cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*
vmwareworkstation*cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "VMware Workstation and Fusion",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "VMware Workstation 15.x and Fusion 11.x"
      }
    ]
  }
]

Related

cvelist 1
prion 1
nvd 1
vmware 2
nessus 2
kaspersky 1
cvelist
cvelist
CVE-2019-5535
2019-10-10 16:29:16
prion
prion
Design/Logic Flaw
2019-10-10 17:15:00
nvd
nvd
CVE-2019-5535
2019-10-10 17:15:18
vmware
vmware
VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)
2019-09-19 00:00:00
VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)
2019-09-19 00:00:00
nessus
nessus
VMware Workstation 15.0.x < 15.5.0 Multiple Vulnerabilities (VMSA-2019-0014)
2019-10-02 00:00:00
VMware Fusion 11.0.x < 11.5.0 Multiple Vulnerabilities (VMSA-2019-0014)
2019-10-02 00:00:00
kaspersky
kaspersky
KLA12119 Multiple vulnerabilities in VMware Workstation and Player
2019-09-19 00:00:00

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

25.0%

JSON
Related for CVE-2019-5535
cvelist1prion1nvd1vmware2nessus2kaspersky1