Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.VMWARE_VMSA-2019-0019.NASL
HistoryOct 28, 2019 - 12:00 a.m.

VMSA-2019-0019 : Denial-of-service vulnerability

2019-10-2800:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
40

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON

ESXi shader denial-of-service vulnerability - CVE-2019-5536

VMware ESXi, Workstation and Fusion contain a denial-of-service vulnerability in the shader functionality.

Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM.

A local attacker with non-administrative access on the guest machine may exploit this issue to execute code on the host. This issue can only be exploited if a valid sound back-end is not connected.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from VMware Security Advisory 2019-0019. 
# The text itself is copyright (C) VMware Inc.
#

include('compat.inc');

if (description)
{
  script_id(130346);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/16");

  script_cve_id("CVE-2019-5536");
  script_xref(name:"VMSA", value:"2019-0019");

  script_name(english:"VMSA-2019-0019 : Denial-of-service vulnerability");

  script_set_attribute(attribute:"synopsis", value:
"The remote VMware ESXi host is missing one or more security-related
patches.");
  script_set_attribute(attribute:"description", value:
"ESXi shader denial-of-service vulnerability - CVE-2019-5536

VMware ESXi, Workstation and Fusion contain a denial-of-service vulnerability in the shader functionality.

Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM.

A local attacker with non-administrative access on the guest machine may exploit this issue to execute code on the host. This issue can only be exploited if a valid sound back-end is not connected.");
  script_set_attribute(attribute:"see_also", value:"http://lists.vmware.com/pipermail/security-announce/2019/000474.html");
  script_set_attribute(attribute:"solution", value:
"Apply the missing patches.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5536");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/10/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/28");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:6.5");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:6.7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"VMware ESX Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version");
  script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs");

  exit(0);
}


include("audit.inc");
include("vmware_esx_packages.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi");
if (
  !get_kb_item("Host/VMware/esxcli_software_vibs") &&
  !get_kb_item("Host/VMware/esxupdate")
) audit(AUDIT_PACKAGE_LIST_MISSING);


init_esx_check(date:"2019-10-24");
flag = 0;


if (esx_check(ver:"ESXi 6.5", vib:"VMware:esx-base:6.5.0-3.105.14874964")) flag++;
if (esx_check(ver:"ESXi 6.5", vib:"VMware:esx-tboot:6.5.0-3.105.14874964")) flag++;
if (esx_check(ver:"ESXi 6.5", vib:"VMware:vsan:6.5.0-3.105.14404766")) flag++;
if (esx_check(ver:"ESXi 6.5", vib:"VMware:vsanhealth:6.5.0-3.105.14404767")) flag++;

if (esx_check(ver:"ESXi 6.7", vib:"VMware:esx-base:6.7.0-2.69.14141615")) flag++;
if (esx_check(ver:"ESXi 6.7", vib:"VMware:esx-update:6.7.0-2.69.14141615")) flag++;
if (esx_check(ver:"ESXi 6.7", vib:"VMware:vsan:6.7.0-2.69.13808269")) flag++;
if (esx_check(ver:"ESXi 6.7", vib:"VMware:vsanhealth:6.7.0-2.69.13808270")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:esx_report_get());
  else security_note(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
vmwareesxi6.5cpe:/o:vmware:esxi:6.5
vmwareesxi6.7cpe:/o:vmware:esxi:6.7

Related

nessus 2
cvelist 1
talosblog 1
kaspersky 1
prion 1
nvd 1
cve 1
symantec 1
talos 1
vmware 1
nessus
nessus
VMware Workstation < 15.5.0 Vulnerability (VMSA-2019-0019)
2019-11-01 00:00:00
VMware Fusion < 11.5.0 Vulnerability (VMSA-2019-0019)
2019-11-01 00:00:00
cvelist
cvelist
CVE-2019-5536
2019-10-28 15:56:36
talosblog
talosblog
Vulnerability Spotlight: Denial-of-service in VMWare Fusion 11
2019-10-29 06:54:50
kaspersky
kaspersky
KLA12120 DoS vulnerability in VMware Workstation and Player
2019-10-24 00:00:00
prion
prion
Design/Logic Flaw
2019-10-28 16:15:00
nvd
nvd
CVE-2019-5536
2019-10-28 16:15:14
cve
cve
CVE-2019-5536
2019-10-28 16:15:14
symantec
symantec
Multiple VMware Products CVE-2019-5536 Denial of Service Vulnerability
2019-10-24 00:00:00
talos
talos
VMware Fusion 11 Shader Functionality Denial Of Service
2019-10-28 00:00:00
vmware
vmware
VMware ESXi, Workstation and Fusion updates address a denial-of-service vulnerability (CVE-2019-5536)
2019-10-24 00:00:00

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON
Related for VMWARE_VMSA-2019-0019.NASL
nessus2cvelist1talosblog1kaspersky1prion1nvd1cve1symantec1talos1vmware1