Kaspersky LabKLA12118KLA12118 Multiple vulnerabilities in VMware Workstation and Player
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
9.8 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.6%
Out-of-bounds read/write vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit this vulnerability to obtain sensitive information, cause denial of service.
Original advisories
Related products
CVE list
CVE-2019-5684 critical
CVE-2019-5521 critical
Solution
Update to the latest version
Impacts
- OSI
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Affected Products
- VMware Workstation 14.x earlier than 14.1.6VMware Player 14.x earlier than 14.1.6VMware Workstation 15.x earlier than 15.0.3VMware Player 15.x earlier than 15.0.3
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
9.8 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.6%