Vulnerability CVE-2014-8370
Published: 2015-01-29

Description:
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
Partial
Affected software
Vmware -> Fusion 
Vmware -> Player 
Vmware -> Workstation 
Vmware -> ESXI 

 References:
http://jvn.jp/en/jp/JVN88252465/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007
http://www.securityfocus.com/bid/72338
http://www.securitytracker.com/id/1031642
http://www.securitytracker.com/id/1031643
http://www.vmware.com/security/advisories/VMSA-2015-0001.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/100933
Copyright 2024, cxsecurity.com

 

Back to Top