The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.
Base Score: 7.2
Impact Score: 10
Exploitability Score: 3.9
Base Score: 8.8
Impact Score: 6
Exploitability Score: 2
|99131||ESXi 6.5 < Build 5224529 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)||Nessus||Misc.|
|99130||ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)||Nessus||Misc.|
|99129||ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)||Nessus||Misc.|
|99105||VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006)||Nessus||Windows|
|99104||VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006) (Linux)||Nessus||General|
|99103||VMware Fusion 8.x < 8.5.6 Multiple Vulnerabilities (VMSA-2017-0006) (macOS)||Nessus||MacOS X Local Security Checks|
|99102||VMSA-2017-0006 : VMware ESXi, Workstation and Fusion updates address critical and moderate security issues||Nessus||VMware ESX Local Security Checks|