CVE-2017-4904

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.

References

http://www.securityfocus.com/bid/97165

http://www.securitytracker.com/id/1038148

http://www.securitytracker.com/id/1038149

http://www.vmware.com/security/advisories/VMSA-2017-0006.html

Details

Source: MITRE

Published: 2017-06-07

Updated: 2017-07-12

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.5.2:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.5.3:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_player:12.5.4:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.5.2:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.5.3:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation_pro:12.5.4:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:vmware:fusion:8.0.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.1.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.5.0:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.5.2:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.5.3:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.5.4:*:*:*:*:*:*:*

cpe:2.3:a:vmware:fusion:8.5.5:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:vmware:esxi:5.5:*:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:*:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:u1:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:u2:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.0:u3:*:*:*:*:*:*

cpe:2.3:o:vmware:esxi:6.5:*:*:*:*:*:*:*

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
99131ESXi 6.5 < Build 5224529 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)NessusMisc.
high
99130ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)NessusMisc.
high
99129ESXi 5.5 < Build 5230635 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)NessusMisc.
high
99105VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006)NessusWindows
high
99104VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006) (Linux)NessusGeneral
high
99103VMware Fusion 8.x < 8.5.6 Multiple Vulnerabilities (VMSA-2017-0006) (macOS)NessusMacOS X Local Security Checks
high
99102VMSA-2017-0006 : VMware ESXi, Workstation and Fusion updates address critical and moderate security issuesNessusVMware ESX Local Security Checks
high