Vulnerabilities > CVE-2018-6972 - NULL Pointer Dereference vulnerability in VMWare Esxi, Fusion and Workstation
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 11 | |
OS | 1 | |
OS | 122 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Misc. NASL id VMWARE_ESXI_VMSA-2018-0018.NASL description The remote VMware ESXi host is version 5.5, 6.0, 6.5, or 6.7 and is missing a security patch. It is, therefore, vulnerable to a denial of service vulnerability. The vulnerability exists in the RPC handler due to a NULL pointer dereference issue. An authenticated, remote attacker can exploit this issue to cause VMs to stop responding. last seen 2020-03-27 modified 2020-03-24 plugin id 134878 published 2020-03-24 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/134878 title VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 DoS (VMSA-2018-0018) (remote check) NASL family VMware ESX Local Security Checks NASL id VMWARE_VMSA-2018-0018.NASL description a. VMware Horizon View Agent local information disclosure vulnerability VMware Horizon View Agents contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2018-6971 to this issue. b. ESXi, Workstation, and Fusion denial-of-service vulnerability VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. VMware would like to thank Hahna Latonick and Kevin Fujimoto working with Trend Micro last seen 2020-06-01 modified 2020-06-02 plugin id 111350 published 2018-07-26 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111350 title VMSA-2018-0018 : VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues
References
- http://www.securityfocus.com/bid/104884
- http://www.securityfocus.com/bid/104884
- http://www.securitytracker.com/id/1041356
- http://www.securitytracker.com/id/1041356
- http://www.securitytracker.com/id/1041357
- http://www.securitytracker.com/id/1041357
- https://www.vmware.com/security/advisories/VMSA-2018-0018.html
- https://www.vmware.com/security/advisories/VMSA-2018-0018.html