CVE-2015-1044

LOW

Description

vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.

References

http://secunia.com/advisories/62551

http://secunia.com/advisories/62569

http://secunia.com/advisories/62669

http://www.securityfocus.com/bid/72336

http://www.securitytracker.com/id/1031645

http://www.securitytracker.com/id/1031646

http://www.vmware.com/security/advisories/VMSA-2015-0001.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/100935

Details

Source: MITRE

Published: 2015-01-29

Updated: 2017-09-08

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 3.3

Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P)

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

Vulnerable Software

ID	Name	Product	Family	Severity
81187	VMware Workstation 10.x < 10.0.5 Multiple Vulnerabilities (VMSA-2015-0001 / VMSA-2015-0004) (Windows)	Nessus	Windows	high
81186	VMware Workstation 10.x < 10.0.5 Multiple Vulnerabilities (VMSA-2015-0001) (Linux)	Nessus	General	medium
81185	VMware Player 6.x < 6.0.5 Multiple Vulnerabilities (VMSA-2015-0001) (Windows)	Nessus	Windows	medium
81184	VMware Player 6.x < 6.0.5 Multiple Vulnerabilities (VMSA-2015-0001) (Linux)	Nessus	General	medium
81085	ESXi 5.5 < Build 2352327 Multiple Vulnerabilities (remote check) (POODLE)	Nessus	Misc.	high
81084	ESXi 5.1 < Build 1743201 Multiple Vulnerabilities (remote check)	Nessus	Misc.	medium
81079	VMSA-2015-0001 : VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues (POODLE)	Nessus	VMware ESX Local Security Checks	high