Vulnerabilities > CVE-2018-6972 - NULL Pointer Dereference vulnerability in VMWare Esxi, Fusion and Workstation

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

vmware

CWE-476

nessus

NVD

Published: 2018-07-25

Updated: 2022-06-02

Summary

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.

Vulnerable Configurations

Part	Description	Count
Application	Vmware Vmware Workstation 14.0 Vmware Workstation 14.0.0 Vmware Workstation 14.1 Vmware Workstation 14.1.0 Vmware Workstation 14.1.1 Vmware Fusion 10.0 Vmware Fusion 10.0.0 Vmware Fusion 10.0.1 Vmware Fusion 10.1.0 Vmware Fusion 10.1.1	11
OS	Apple Apple MAC OS X -	1
OS	Vmware Vmware Esxi 6.0 Vmware Esxi 6.5 Vmware Esxi 6.7 Vmware Esxi 5.5	122

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Nessus

NASL family	Misc.
NASL id	VMWARE_ESXI_VMSA-2018-0018.NASL
description	The remote VMware ESXi host is version 5.5, 6.0, 6.5, or 6.7 and is missing a security patch. It is, therefore, vulnerable to a denial of service vulnerability. The vulnerability exists in the RPC handler due to a NULL pointer dereference issue. An authenticated, remote attacker can exploit this issue to cause VMs to stop responding.
last seen	2020-03-27
modified	2020-03-24
plugin id	134878
published	2020-03-24
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134878
title	VMware ESXi 5.5 / 6.0 / 6.5 / 6.7 DoS (VMSA-2018-0018) (remote check)

NASL family	VMware ESX Local Security Checks
NASL id	VMWARE_VMSA-2018-0018.NASL
description	a. VMware Horizon View Agent local information disclosure vulnerability VMware Horizon View Agents contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2018-6971 to this issue. b. ESXi, Workstation, and Fusion denial-of-service vulnerability VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. VMware would like to thank Hahna Latonick and Kevin Fujimoto working with Trend Micro
last seen	2020-06-01
modified	2020-06-02
plugin id	111350
published	2018-07-26
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/111350
title	VMSA-2018-0018 : VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References