Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMB97B3EB4FEAFD0F35DF27E4D6D2428796FDB2B1C9F2FA16427D2B4EB617D9FD6
HistoryJun 25, 2019 - 7:40 p.m.

Security Bulletin: Open Source VMware Fusion Vulnerabilities in IBM Pure Application System (CVE-2017-4903, CVE-2017-4904, CVE-2017-4905)

2019-06-2519:40:02
www.ibm.com
23

0.023 Low

EPSS

Percentile

89.7%

JSON

Summary

Multiple vulnerabilities in Open Source VMware affects IBM PureApplication System. IBM PureApplication System has addressed Common Vulnerabilities Exposures CVE-2017-4903, CVE-2017-4904, CVE-2017-4905.
Additionally this bulletin includes information about the release of fix for Common Vulnerabilities Exposures. IBM PureApplication System has addressed the applicable CVEs CVE-2017-4941 and CVE-2017-4925 that cover additional CVEs see Reference section for details.

Vulnerability Details

CVEID: CVE-2017-4905 DESCRIPTION: Multiple VMware products could allow a local attacker to obtain sensitive information, caused by uninitializing stack memory usage. A local attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 6.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/123963 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID: CVE-2017-4904 DESCRIPTION: Multiple VMware products could allow a local attacker to execute arbitrary code on the system, caused by uninitializing stack memory usage in XHCI controller. An attacker could exploit this vulnerability to execute arbitrary code on the system and cause a denial of service.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/123962 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2017-4903 DESCRIPTION: Multiple VMware products could allow a local attacker to execute arbitrary code on the system, caused by uninitializing stack memory usage in SVGA. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 8.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/123961 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2017-4925 DESCRIPTION: Multiple VMware products are vulnerable to a denial of service, caused by a NULL pointer dereference when handling guest RPC requests. By sending a specially-crafted RPC request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 5.5
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/132145&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2017-4941 DESCRIPTION: VMware ESXi, Workstation and Fusion is vulnerable to a stack-based overflow, caused by improper bounds checking by the remote management function. By sending a specially crafted set of VNC packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base Score: 8.8
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/136594&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM PureApplication System V2.2
IBM PureApplication System V2.1

Remediation/Fixes

The PureSystemsยฎ Managers. on IBM PureApplication System is affected.

As for CVE-2017-4903, CVE-2017-4904, CVE-2017-4905, the solution is to upgrade the IBM PureApplication System to the following fix level:

IBM PureApplication System V2.2.0.0, V2.2.1.0, V2.2.2.0, V2.2.2.1, V2.2.2.2, V2.2.3.0, V2.2.3.1, V2.2.3.2

IBM PureApplication System V2.1.0.0, V2.1.0.1, V2.1.0.2, V2.1.0.0, V2.1.1.0, V2.1.2.0, V2.1.2.1, V2.1.2.2, V2.1.2.3, V2.1.2.4:

  • IBM recommends upgrading to a fixed version of the product. Contact IBM for assistance

As for CVE-2017-4925, CVE-2017-4941 the solution is to upgrade the IBM PureApplication System to the following fix level:

IBM PureApplication V2.2.5.0

  • Upgrade to IBM PureApplication V2.2.5. Contact IBM for assistance.

Information on upgrading can be found here: <http://www-01.ibm.com/support/docview.wss?uid=swg27039159&gt;

Workarounds and Mitigations

None

Related

nessus 20
openvas 9
vmware 4
threatpost 1
nvd 5
talos 1
prion 5
seebug 1
cve 5
cvelist 5
zdi 3
talosblog 1
zdt 1
exploitpack 1
kaspersky 2
exploitdb 1
myhack58 1
ibm 1
nessus
nessus
ESXi 6.5 < Build 5224529 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
2017-03-31 00:00:00
ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
2017-03-31 00:00:00
VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006) (Linux)
2017-03-30 00:00:00
openvas
openvas
VMware Workstation Code Execution And Information Disclosure Vulnerabilities - Linux
2017-07-03 00:00:00
VMware Fusion Code Execution And Information Disclosure Vulnerabilities - Mac OS X
2017-07-03 00:00:00
VMware ESXi updates address critical and moderate security issues (VMSA-2017-0006)
2017-03-31 00:00:00
vmware
vmware
VMware ESXi, Workstation and Fusion updates address critical and moderate security issues
2017-03-28 00:00:00
VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities
2017-09-14 00:00:00
VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities
2017-09-14 00:00:00
threatpost
threatpost
VMware Patches Pwn2Own VM Escape Vulnerabilities
2017-03-29 12:00:04
nvd
nvd
CVE-2017-4941
2017-12-20 15:29:00
CVE-2017-4925
2017-09-15 13:29:00
CVE-2017-4905
2017-06-07 18:29:00
talos
talos
VMware VNC Pointer Decode Code Execution Vulnerability
2017-12-19 00:00:00
prion
prion
Null pointer dereference
2017-09-15 13:29:00
Remote code execution
2017-12-20 15:29:00
Memory corruption
2017-06-07 18:29:00
seebug
seebug
VMware VNC Pointer Decode Code Execution Vulnerability(CVE-2017-4941)
2017-12-20 00:00:00
cve
cve
CVE-2017-4941
2017-12-20 15:29:00
CVE-2017-4925
2017-09-15 13:29:00
CVE-2017-4905
2017-06-07 18:29:00
cvelist
cvelist
CVE-2017-4941
2017-12-19 00:00:00
CVE-2017-4905
2017-06-07 18:00:00
CVE-2017-4925
2017-09-14 00:00:00
zdi
zdi
(Pwn2Own) VMware Workstation Uninitialized Memory Information Disclosure Vulnerability
2017-03-30 00:00:00
(Pwn2Own) VMware Workstation SVGA Uninitialized Memory Privilege Escalation Vulnerability
2017-03-30 00:00:00
(Pwn2Own) VMware Workstation Uninitialized Memory Privilege Escalation Vulnerability
2017-03-30 00:00:00
talosblog
talosblog
Vulnerability Spotlight: VMWare VNC Vulnerabilities
2017-12-19 11:00:00
zdt
zdt
VMware WorkStation 12.5.3 - Virtual Machine Escape Exploit
2019-11-25 00:00:00
exploitpack
exploitpack
VMware WorkStation 12.5.3 - Virtual Machine Escape
2019-06-06 00:00:00
kaspersky
kaspersky
KLA11110 Multiple vulnerabilities in VMware products
2017-09-14 00:00:00
KLA11164 Multiple vulnerabilities in VMware products
2017-12-19 00:00:00
exploitdb
exploitdb
VMware WorkStation 12.5.3 - Virtual Machine Escape
2019-06-06 00:00:00
myhack58
myhack58
Many high-risk SVGA code execution vulnerability bug,VMware efforts to be patched-vulnerabilities and early warning-the black bar safety net
2017-09-20 00:00:00
ibm
ibm
Security Bulletin: IBM PureApplication Service/Systems, which includes IBM OS Images for Red Hat Linux Systems, as well as AIX-based and Windows-based deployments, has released a fix in response to the vulnerabilities known as Spectre and Meltdown.
2019-06-20 15:05:01

0.023 Low

EPSS

Percentile

89.7%

JSON
Related for B97B3EB4FEAFD0F35DF27E4D6D2428796FDB2B1C9F2FA16427D2B4EB617D9FD6
nessus20openvas9vmware4threatpost1nvd5talos1prion5seebug1cve5cvelist5zdi3talosblog1zdt1exploitpack1kaspersky2exploitdb1myhack581ibm1