Detections
Analytics
VMware Fusion 11.0.x < 11.5.7 Vulnerability (VMSA-2020-0029.1)
medium Nessus Plugin ID 150960
Language:
Synopsis
A virtualization application installed on the remote macOS or Mac OS X host is affected by a vulnerabilityDescription
The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.0.x prior to 11.5.7. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.Solution
Update to VMware Fusion version 11.5.7, or later.See Also
https://www.vmware.com/security/advisories/VMSA-2020-0029.1.html
https://my.vmware.com/group/vmware/patch
http://www.nessus.org/u?be61d650
https://www.vmware.com/go/downloadworkstation
https://docs.vmware.com/en/VMware-Workstation-Pro/index.html
https://www.vmware.com/go/downloadplayer
https://docs.vmware.com/en/VMware-Workstation-Player/index.html
https://www.vmware.com/go/downloadfusion
https://docs.vmware.com/en/VMware-Fusion/index.html
Plugin Details
Severity: Medium
ID: 150960
File Name: macosx_fusion_vmsa_2020_0029_1.nasl
Version: 1.2
Type: local
Agent: macosx
Family: MacOS X Local Security Checks
Published: 6/23/2021
Updated: 6/23/2021
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Low
Base Score: 2.1
Temporal Score: 1.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2020-3999
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Temporal Score: 5.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:vmware:fusion
Required KB Items: Host/local_checks_enabled, installed_sw/VMware Fusion
Exploit Ease: No known exploits are available
Patch Publication Date: 12/17/2020
Vulnerability Publication Date: 12/17/2020
Reference Information
CVE: CVE-2020-3999
IAVA: 2021-A-0007
VMSA: 2020-0029.1