Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_FUSION_VMSA_2020_0004.NASL
HistoryMar 16, 2020 - 12:00 a.m.

VMware Fusion 11.x < 11.5.2 Multiple Vulnerabilities (VMSA-2020-0004)

2020-03-1600:00:00
This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
JSON

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.x prior to 11.5.2. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the applicationโ€™s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(134628);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/27");

  script_cve_id("CVE-2019-5543", "CVE-2020-3947", "CVE-2020-3948");
  script_xref(name:"VMSA", value:"2020-0004");

  script_name(english:"VMware Fusion 11.x < 11.5.2 Multiple Vulnerabilities (VMSA-2020-0004)");

  script_set_attribute(attribute:"synopsis", value:
"A virtualization application installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities");
  script_set_attribute(attribute:"description", value:
"The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.x prior to 11.5.2. It is, therefore,
affected by multiple vulnerabilities.  Note that Nessus has not tested for these issues but has instead relied only on
the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2020-0004.html");
  script_set_attribute(attribute:"solution", value:
"Update to VMware Fusion version 11.5.2, or later.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-3947");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/03/12");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/03/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:fusion");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("macosx_fusion_detect.nasl");
  script_require_keys("Host/local_checks_enabled", "installed_sw/VMware Fusion");

  exit(0);
}

include('vcf.inc');


app_info = vcf::get_app_info(app:'VMware Fusion');

constraints = [
  { 'min_version' : '11.0', 'fixed_version' : '11.5.2' }
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersionCPE
vmwarefusioncpe:/a:vmware:fusion

Related

vmware 2
nessus 2
kaspersky 1
prion 3
cvelist 3
cve 3
zdi 2
vmware
vmware
VMware Horizon Client, VMRC, VMware Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2019-5543, CVE-2020-3947, CVE-2020-3948)
2020-03-12 00:00:00
VMwareย Horizon Client, VMRC,ย VMware Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2019-5543,ย CVE-2020-3947, CVE-2020-3948)
2020-03-12 00:00:00
nessus
nessus
VMware Workstation 15.0.x < 15.5.2 Multiple Vulnerabilities (VMSA-2020-0004)
2020-03-16 00:00:00
VMware Workstation 15.x < 15.5.2 Multiple Vulnerabilities (VMSA-2020-0004) (Linux)
2020-03-16 00:00:00
kaspersky
kaspersky
KLA12094 Multiple vulnerabilities in VMware Workstation and Player
2020-03-12 00:00:00
prion
prion
Design/Logic Flaw
2020-03-16 18:15:00
Privilege escalation
2020-03-16 18:15:00
Design/Logic Flaw
2020-03-16 18:15:00
cvelist
cvelist
CVE-2019-5543
2020-03-16 17:24:55
CVE-2020-3948
2020-03-16 17:17:39
CVE-2020-3947
2020-03-16 17:21:09
cve
cve
CVE-2019-5543
2020-03-16 18:15:00
CVE-2020-3948
2020-03-16 18:15:00
CVE-2020-3947
2020-03-16 18:15:00
zdi
zdi
VMware Workstation vmnetdhcp Use-After-Free Privilege Escalation Vulnerability
2020-03-13 00:00:00
VMware Workstation Virtual Printer External Control of File Name Privilege Escalation Vulnerability
2020-03-13 00:00:00
JSON
Related for MACOSX_FUSION_VMSA_2020_0004.NASL
vmware2nessus2kaspersky1prion3cvelist3cve3zdi2