CVE-2014-8370

MEDIUM

Description

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.

References

http://jvn.jp/en/jp/JVN88252465/index.html

http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007

http://secunia.com/advisories/62551

http://secunia.com/advisories/62605

http://secunia.com/advisories/62669

http://www.securityfocus.com/bid/72338

http://www.securitytracker.com/id/1031642

http://www.securitytracker.com/id/1031643

http://www.vmware.com/security/advisories/VMSA-2015-0001.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/100933

Details

Source: MITRE

Published: 2015-01-29

Updated: 2017-09-08

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 6.4

Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P)

Impact Score: 4.9

Exploitability Score: 10

Severity: MEDIUM