CVE-2018-6972

Опубликовано: 25 июл. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.

Ссылки

http://www.securityfocus.com/bid/104884
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041356
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041357
Broken Link
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2018-0018.html
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104884
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041356
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041357
Broken Link
Third Party Advisory
VDB Entry
https://www.vmware.com/security/advisories/VMSA-2018-0018.html
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.1.2 (исключая)

Конфигурация 2

Одновременно

cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*

Версия от 10.0 (включая) до 10.1.2 (исключая)

cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:5.5:550-20170901001s:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:5.5:550-20170904001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02794

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

GHSA-xmm5-6qh4-9f74