Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-5vvr-23q8-x3qg

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.

Ссылки

EPSS

Процентиль: 13%
0.00043
Низкий

CVE ID

CVE-2020-3971

Связанные уязвимости

nvd логотип

CVE-2020-3971

CVSS3: 5.5
nvd
больше 5 лет назад

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.

fstec логотип

BDU:2020-03231

CVSS3: 5.5
fstec
больше 5 лет назад

Уязвимость виртуального сетевого адаптера vmxnet3 гипервизоров VMware ESXi, VMware Workstation и VMware Fusion, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 13%
0.00043
Низкий

CVE ID

CVE-2020-3971