Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-3999
HistoryDec 21, 2020 - 4:15 p.m.

CVE-2020-3999

2020-12-2116:15:00
CWE-20
[email protected]
web.nvd.nist.gov
170
1
vmware
esxi
workstation
fusion
cloud foundation
denial of service
vulnerability

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

14.5%

JSON

VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine’s vmx process leading to a denial of service condition.

Social References

More

Related

nessus 5
kaspersky 1
prion 1
zdi 1
vmware 1
nessus
nessus
VMware Fusion 11.x < 11.5.7 DoS (VMSA-2020-0029)
2021-01-11 00:00:00
VMware Workstation 15.0.x < 15.5.7 Vulnerability (VMSA-2020-0029.1)
2021-06-23 00:00:00
VMware Workstation 15.x < 15.5.7 DoS (VMSA-2020-0029)
2021-01-11 00:00:00
kaspersky
kaspersky
KLA12102 DoS vulnerability in VMware Workstation and Player
2020-02-09 00:00:00
prion
prion
Input validation
2020-12-21 16:15:00
zdi
zdi
VMware Workstation SetGuestInfo Null Pointer Dereference Denial-of-Service Vulnerability
2020-12-18 00:00:00
vmware
vmware
VMware ESXi, Workstation, Fusion and Cloud Foundation updates address a denial of service vulnerability (CVE-2020-3999)
2020-12-17 00:00:00

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

14.5%

JSON
Related for CVE-2020-3999
nessus5kaspersky1prion1zdi1vmware1