The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
Base Score: 2.1
Impact Score: 2.9
Exploitability Score: 3.9
Base Score: 5.5
Impact Score: 3.6
Exploitability Score: 1.8
|103380||VMware Workstation 12.x < 12.5.7 Multiple Vulnerabilities (VMSA-2017-0015)||Nessus||Windows|
|103379||VMware Workstation 12.x < 12.5.7 Multiple Vulnerabilities (VMSA-2017-0015) (Linux)||Nessus||General|
|103376||ESXi 6.5 < Build 5969300 Multiple Vulnerabilities (VMSA-2017-0015) (remote check)||Nessus||Misc.|
|103375||ESXi 5.5 < Build 6480267 RPC NULL Pointer Dereference Vulnerability (VMSA-2017-0015) (remote check)||Nessus||Misc.|
|103373||VMware Fusion 8.x < 8.5.4 DoS Vulnerability (VMSA-2017-0015) (macOS)||Nessus||MacOS X Local Security Checks|
|103357||VMSA-2017-0015 : VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities||Nessus||VMware ESX Local Security Checks|
|102698||ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check)||Nessus||Misc.|