Lucene search
VmwareCVELIST:CVE-2019-5514HistoryApr 01, 2019 - 8:21 p.m.
CVE-2019-5514
2019-04-0120:21:11
vmware
www.cve.org
1
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware Tools is installed. This may further be exploited to execute commands on the guest machines.
CNA Affected
[
{
"product": "VMware Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.0.3"
}
]
}
]Related
nvd
nvd
CVE-2019-5514
2019-04-01 21:30:43
prion
prion
Improper access control
2019-04-01 21:30:00
attackerkb
attackerkb
VMWare Fusion APIs available without auth via web socket (CVE-2019-5514)
2019-04-01 00:00:00
cve
cve
CVE-2019-5514
2019-04-01 21:30:43
checkpoint_advisories
checkpoint_advisories
VMware Fusion Remote Code Execution (CVE-2019-5514)
2019-05-12 00:00:00
vmware
vmware
nessus
nessus
kaspersky
kaspersky
KLA11457 Multiple vulnerabilities in VMware Workstation and Fusion
2019-03-28 00:00:00