Vulnerability CVE-2018-6969
Published: 2018-07-13

Description:
VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing must be enabled.

Type:

CWE-125

 (Out-of-bounds Read)

CVSS2 => (AV:L/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.4/10
6.4/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Vmware -> Tools 

 References:
http://www.securityfocus.com/bid/104737
http://www.securitytracker.com/id/1041291
https://www.vmware.com/security/advisories/VMSA-2018-0017.html
Copyright 2024, cxsecurity.com

 

Back to Top