Lucene search

[email protected]NVD:CVE-2020-3981

HistoryOct 20, 2020 - 5:15 p.m.

CVE-2020-3981

2020-10-2017:15:12

CWE-125

CWE-367

[email protected]

web.nvd.nist.gov

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

5.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

59.8%

JSON

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

Affected configurations

NVD

Node

vmwarecloud_foundationRange3.0–3.10.1

vmwarecloud_foundationRange4.0–4.1

vmwareworkstationRange15.0.0–15.5.6

vmwareesxiMatch7.0.0-

vmwareesxiMatch7.0.01.20.16321839

Node

applemac_os_xMatch-

AND

vmwarefusionRange11.0–11.5.6

Node

vmwareesxiMatch6.5-

vmwareesxiMatch6.52

vmwareesxiMatch6.5650-201701001

vmwareesxiMatch6.5650-201703001

vmwareesxiMatch6.5650-201703002

vmwareesxiMatch6.5650-201704001

vmwareesxiMatch6.5650-201707101

vmwareesxiMatch6.5650-201707102

vmwareesxiMatch6.5650-201707103

vmwareesxiMatch6.5650-201707201

vmwareesxiMatch6.5650-201707202

vmwareesxiMatch6.5650-201707203

vmwareesxiMatch6.5650-201707204

vmwareesxiMatch6.5650-201707205

vmwareesxiMatch6.5650-201707206

vmwareesxiMatch6.5650-201707207

vmwareesxiMatch6.5650-201707208

vmwareesxiMatch6.5650-201707209

vmwareesxiMatch6.5650-201707210

vmwareesxiMatch6.5650-201707211

vmwareesxiMatch6.5650-201707212

vmwareesxiMatch6.5650-201707213

vmwareesxiMatch6.5650-201707214

vmwareesxiMatch6.5650-201707215

vmwareesxiMatch6.5650-201707216

vmwareesxiMatch6.5650-201707217

vmwareesxiMatch6.5650-201707218

vmwareesxiMatch6.5650-201707219

vmwareesxiMatch6.5650-201707220

vmwareesxiMatch6.5650-201707221

vmwareesxiMatch6.5650-201710001

vmwareesxiMatch6.5650-201712001

vmwareesxiMatch6.5650-201803001

vmwareesxiMatch6.5650-201806001

vmwareesxiMatch6.5650-201808001

vmwareesxiMatch6.5650-201810001

vmwareesxiMatch6.5650-201810002

vmwareesxiMatch6.5650-201811001

vmwareesxiMatch6.5650-201811002

vmwareesxiMatch6.5650-201811301

vmwareesxiMatch6.5650-201901001

vmwareesxiMatch6.5650-201903001

vmwareesxiMatch6.5650-201905001

vmwareesxiMatch6.5650-201908001

vmwareesxiMatch6.5650-201910001

vmwareesxiMatch6.5650-20191004001

vmwareesxiMatch6.5650-201911001

vmwareesxiMatch6.5650-201911401

vmwareesxiMatch6.5650-201911402

vmwareesxiMatch6.5650-201912001

vmwareesxiMatch6.5650-201912002

vmwareesxiMatch6.5650-201912101

vmwareesxiMatch6.5650-201912102

vmwareesxiMatch6.5650-201912103

vmwareesxiMatch6.5650-201912104

vmwareesxiMatch6.5650-201912301

vmwareesxiMatch6.5650-201912401

vmwareesxiMatch6.5650-201912402

vmwareesxiMatch6.5650-201912403

vmwareesxiMatch6.5650-201912404

vmwareesxiMatch6.5650-202005001

vmwareesxiMatch6.5650-202006001

vmwareesxiMatch6.5650-202007001

Node

vmwareesxiMatch6.7-

vmwareesxiMatch6.7670-201806001

vmwareesxiMatch6.7670-201807001

vmwareesxiMatch6.7670-201808001

vmwareesxiMatch6.7670-201810001

vmwareesxiMatch6.7670-201810101

vmwareesxiMatch6.7670-201810102

vmwareesxiMatch6.7670-201810103

vmwareesxiMatch6.7670-201810201

vmwareesxiMatch6.7670-201810202

vmwareesxiMatch6.7670-201810203

vmwareesxiMatch6.7670-201810204

vmwareesxiMatch6.7670-201810205

vmwareesxiMatch6.7670-201810206

vmwareesxiMatch6.7670-201810207

vmwareesxiMatch6.7670-201810208

vmwareesxiMatch6.7670-201810209

vmwareesxiMatch6.7670-201810210

vmwareesxiMatch6.7670-201810211

vmwareesxiMatch6.7670-201810212

vmwareesxiMatch6.7670-201810213

vmwareesxiMatch6.7670-201810214

vmwareesxiMatch6.7670-201810215

vmwareesxiMatch6.7670-201810216

vmwareesxiMatch6.7670-201810217

vmwareesxiMatch6.7670-201810218

vmwareesxiMatch6.7670-201810219

vmwareesxiMatch6.7670-201810220

vmwareesxiMatch6.7670-201810221

vmwareesxiMatch6.7670-201810222

vmwareesxiMatch6.7670-201810223

vmwareesxiMatch6.7670-201810224

vmwareesxiMatch6.7670-201810225

vmwareesxiMatch6.7670-201810226

vmwareesxiMatch6.7670-201810227

vmwareesxiMatch6.7670-201810228

vmwareesxiMatch6.7670-201810229

vmwareesxiMatch6.7670-201810230

vmwareesxiMatch6.7670-201810231

vmwareesxiMatch6.7670-201810232

vmwareesxiMatch6.7670-201810233

vmwareesxiMatch6.7670-201810234

vmwareesxiMatch6.7670-201811001

vmwareesxiMatch6.7670-201901001

vmwareesxiMatch6.7670-201901401

vmwareesxiMatch6.7670-201901402

vmwareesxiMatch6.7670-201901403

vmwareesxiMatch6.7670-201903001

vmwareesxiMatch6.7670-201904001

vmwareesxiMatch6.7670-201904201

vmwareesxiMatch6.7670-201904201-ug

vmwareesxiMatch6.7670-201904202

vmwareesxiMatch6.7670-201904202-ug

vmwareesxiMatch6.7670-201904203

vmwareesxiMatch6.7670-201904203-ug

vmwareesxiMatch6.7670-201904204

vmwareesxiMatch6.7670-201904204-ug

vmwareesxiMatch6.7670-201904205

vmwareesxiMatch6.7670-201904205-ug

vmwareesxiMatch6.7670-201904206

vmwareesxiMatch6.7670-201904206-ug

vmwareesxiMatch6.7670-201904207

vmwareesxiMatch6.7670-201904207-ug

vmwareesxiMatch6.7670-201904208

vmwareesxiMatch6.7670-201904208-ug

vmwareesxiMatch6.7670-201904209

vmwareesxiMatch6.7670-201904209-ug

vmwareesxiMatch6.7670-201904210

vmwareesxiMatch6.7670-201904210-ug

vmwareesxiMatch6.7670-201904211

vmwareesxiMatch6.7670-201904211-ug

vmwareesxiMatch6.7670-201904212

vmwareesxiMatch6.7670-201904212-ug

vmwareesxiMatch6.7670-201904213

vmwareesxiMatch6.7670-201904213-ug

vmwareesxiMatch6.7670-201904214

vmwareesxiMatch6.7670-201904214-ug

vmwareesxiMatch6.7670-201904215

vmwareesxiMatch6.7670-201904215-ug

vmwareesxiMatch6.7670-201904216

vmwareesxiMatch6.7670-201904216-ug

vmwareesxiMatch6.7670-201904217

vmwareesxiMatch6.7670-201904217-ug

vmwareesxiMatch6.7670-201904218

vmwareesxiMatch6.7670-201904218-ug

vmwareesxiMatch6.7670-201904219

vmwareesxiMatch6.7670-201904219-ug

vmwareesxiMatch6.7670-201904220

vmwareesxiMatch6.7670-201904220-ug

vmwareesxiMatch6.7670-201904221

vmwareesxiMatch6.7670-201904221-ug

vmwareesxiMatch6.7670-201904222

vmwareesxiMatch6.7670-201904222-ug

vmwareesxiMatch6.7670-201904223

vmwareesxiMatch6.7670-201904223-ug

vmwareesxiMatch6.7670-201904224

vmwareesxiMatch6.7670-201904224-ug

vmwareesxiMatch6.7670-201904225

vmwareesxiMatch6.7670-201904225-ug

vmwareesxiMatch6.7670-201904226

vmwareesxiMatch6.7670-201904226-ug

vmwareesxiMatch6.7670-201904227

vmwareesxiMatch6.7670-201904227-ug

vmwareesxiMatch6.7670-201904228

vmwareesxiMatch6.7670-201904228-ug

vmwareesxiMatch6.7670-201904229

vmwareesxiMatch6.7670-201904229-ug

vmwareesxiMatch6.7670-201905001

vmwareesxiMatch6.7670-201906002

vmwareesxiMatch6.7670-201908101

vmwareesxiMatch6.7670-201908102

vmwareesxiMatch6.7670-201908103

vmwareesxiMatch6.7670-201908104

vmwareesxiMatch6.7670-201908201

vmwareesxiMatch6.7670-201908202

vmwareesxiMatch6.7670-201908203

vmwareesxiMatch6.7670-201908204

vmwareesxiMatch6.7670-201908205

vmwareesxiMatch6.7670-201908206

vmwareesxiMatch6.7670-201908207

vmwareesxiMatch6.7670-201908208

vmwareesxiMatch6.7670-201908209

vmwareesxiMatch6.7670-201908210

vmwareesxiMatch6.7670-201908211

vmwareesxiMatch6.7670-201908212

vmwareesxiMatch6.7670-201908213

vmwareesxiMatch6.7670-201908214

vmwareesxiMatch6.7670-201908215

vmwareesxiMatch6.7670-201908216

vmwareesxiMatch6.7670-201908217

vmwareesxiMatch6.7670-201908218

vmwareesxiMatch6.7670-201908219

vmwareesxiMatch6.7670-201908220

vmwareesxiMatch6.7670-201908221

vmwareesxiMatch6.7670-201912001

vmwareesxiMatch6.7670-201912101

vmwareesxiMatch6.7670-201912102

vmwareesxiMatch6.7670-201912401

vmwareesxiMatch6.7670-201912402

vmwareesxiMatch6.7670-201912403

vmwareesxiMatch6.7670-201912404

vmwareesxiMatch6.7670-201912405

vmwareesxiMatch6.7670-202004001

vmwareesxiMatch6.7670-202004002

vmwareesxiMatch6.7670-202004301

vmwareesxiMatch6.7670-202004401

vmwareesxiMatch6.7670-202004402

vmwareesxiMatch6.7670-202004403

vmwareesxiMatch6.7670-202004404

vmwareesxiMatch6.7670-202004405

vmwareesxiMatch6.7670-202004406

vmwareesxiMatch6.7670-202004407

vmwareesxiMatch6.7670-202004408

vmwareesxiMatch6.7670-202006001

vmwareesxiMatch6.7670-202008001

References

www.vmware.com/security/advisories/VMSA-2020-0023.html

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

5.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

59.8%

JSON

Related for NVD:CVE-2020-3981

prion1 zdi1 cve1 cvelist1 ibm1 kaspersky1 nessus2 vmware1 threatpost1