Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310834023HistoryMay 22, 2024 - 12:00 a.m.
VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Linux
2024-05-2200:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
2
vmware workstation
out of bounds
vulnerability
linux
arbitrary code execution
denial of service
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
VMware Workstation is prone to an out of
bounds read/write vulnerability.
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:vmware:workstation";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.834023");
script_version("2024-05-24T19:38:34+0000");
script_cve_id("CVE-2024-22273");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_tag(name:"last_modification", value:"2024-05-24 19:38:34 +0000 (Fri, 24 May 2024)");
script_tag(name:"creation_date", value:"2024-05-22 15:17:45 +0530 (Wed, 22 May 2024)");
script_name("VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Linux");
script_tag(name:"summary", value:"VMware Workstation is prone to an out of
bounds read/write vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
on the target host.");
script_tag(name:"insight", value:"The flaw exists due to an out of bounds
read/write error exists in VMware Workstation.");
script_tag(name:"impact", value:"Successful exploitation allows an attacker
to run arbitrary code and cause denial of service attacks.");
script_tag(name:"affected", value:"VMware Workstation 17.x before 17.5.1 on
Linux");
script_tag(name:"solution", value:"Update to version 17.5.1 or later.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version");
script_xref(name:"URL", value:"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308");
script_copyright("Copyright (C) 2024 Greenbone AG");
script_category(ACT_GATHER_INFO);
script_family("Denial of Service");
script_dependencies("gb_vmware_prdts_detect_lin.nasl");
script_mandatory_keys("VMware/Linux/Installed", "VMware/Workstation/Linux/Ver");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
exit(0);
vers = infos["version"];
path = infos["location"];
if(vers =~ "^17\." && version_is_less(version:vers, test_version:"17.5.1")) {
report = report_fixed_ver(installed_version:vers, fixed_version:"17.5.1", install_path:path);
security_message(port:0, data:report);
exit(0);
}
exit(99);
Related
vulnrichment
vulnrichment
CVE-2024-22273
2024-05-21 17:29:05
cve
cve
CVE-2024-22273
2024-05-21 18:15:08
openvas
openvas
VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Windows
2024-05-22 00:00:00
VMware ESXi Out-of-bounds read/write Vulnerability (VMSA-2024-0011)
2024-05-23 00:00:00
cvelist
cvelist
CVE-2024-22273
2024-05-21 17:29:05
nvd
nvd
CVE-2024-22273
2024-05-21 18:15:08
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
Related for OPENVAS:1361412562310834023