7

CVE-2018-6969

EPSS 0.07%
Veröffentlicht 13.07.2018 13:29:00
Zuletzt bearbeitet 21.11.2024 04:11:30
Quelle security@vmware.com
Teams Watchlist Login
Unerledigt Login

VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing must be enabled.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

VMware ≫ Tools Version < 10.3.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.227

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7	1	5.9	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://www.securityfocus.com/bid/104737

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1041291

Third Party Advisory

VDB Entry

https://www.vmware.com/security/advisories/VMSA-2018-0017.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-6969

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-6969

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-6969

EUVD