Vulnerabilities > CVE-2019-5527 - Use After Free vulnerability in VMWare products

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
vmware
CWE-416
nessus

Summary

ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyVMware ESX Local Security Checks
    NASL idVMWARE_VMSA-2019-0014.NASL
    descriptionESXi use-after-free vulnerability - CVE-2019-5527 ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. A local attacker with non-administrative access on the guest machine may exploit this issue to execute code on the host. This issue can only be exploited if a valid sound back-end is not connected.
    last seen2020-06-01
    modified2020-06-02
    plugin id129161
    published2019-09-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129161
    titleVMSA-2019-0014 : Use-after-free vulnerability
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from VMware Security Advisory 2019-0014. 
    # The text itself is copyright (C) VMware Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129161);
      script_version("1.3");
      script_cvs_date("Date: 2019/12/24");
    
      script_cve_id("CVE-2019-5527");
      script_xref(name:"VMSA", value:"2019-0014");
    
      script_name(english:"VMSA-2019-0014 : Use-after-free vulnerability");
      script_summary(english:"Checks esxupdate output for the patches");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote VMware ESXi host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "ESXi use-after-free vulnerability - CVE-2019-5527
    
    ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device.
    
    A local attacker with non-administrative access on the guest machine may exploit this issue to execute code on the host. This issue can only be exploited if a valid sound back-end is not connected."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://lists.vmware.com/pipermail/security-announce/2019/000468.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply the missing patches.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:6.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:6.5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:6.7");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/10");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"VMware ESX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version");
      script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("vmware_esx_packages.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi");
    if (
      !get_kb_item("Host/VMware/esxcli_software_vibs") &&
      !get_kb_item("Host/VMware/esxupdate")
    ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    init_esx_check(date:"2019-09-19");
    flag = 0;
    
    
    if (esx_check(ver:"ESXi 6.0", vib:"VMware:esx-base:6.0.0-3.125.14475122")) flag++;
    if (esx_check(ver:"ESXi 6.0", vib:"VMware:vsan:6.0.0-3.125.14292904")) flag++;
    if (esx_check(ver:"ESXi 6.0", vib:"VMware:vsanhealth:6.0.0-3000000.3.0.3.125.14292905")) flag++;
    
    if (esx_check(ver:"ESXi 6.5", vib:"VMware:esx-base:6.5.0-2.83.13004031")) flag++;
    if (esx_check(ver:"ESXi 6.5", vib:"VMware:esx-tboot:6.5.0-2.83.13004031")) flag++;
    if (esx_check(ver:"ESXi 6.5", vib:"VMware:vsan:6.5.0-2.83.12559347")) flag++;
    if (esx_check(ver:"ESXi 6.5", vib:"VMware:vsanhealth:6.5.0-2.83.12559353")) flag++;
    
    if (esx_check(ver:"ESXi 6.7", vib:"VMware:esx-base:6.7.0-1.44.12986307")) flag++;
    if (esx_check(ver:"ESXi 6.7", vib:"VMware:esx-update:6.7.0-1.44.12986307")) flag++;
    if (esx_check(ver:"ESXi 6.7", vib:"VMware:vsan:6.7.0-1.44.11399678")) flag++;
    if (esx_check(ver:"ESXi 6.7", vib:"VMware:vsanhealth:6.7.0-1.44.11399680")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_FUSION_VMSA_2019_0014.NASL
    descriptionThe version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.0.x prior to 11.5.0. It is, therefore, affected by the following issues: - A use-after-free error in the virtual sound device that allows a local attacker on the guest machine with low privileges to execute code on the host. (CVE-2019-5527) - A denial of service vulnerability caused by improper handling of some IPv6 packets. An attacker can exploit this vulnerability to disallow network access for all guest machines using the VMware NAT mode. To exploit this vulnerability, the attacker must send specially crafted IPv6 packets from a guest machine when IPv6 mode for VMNAT is enabled. (CVE-2019-5535) Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id129496
    published2019-10-02
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129496
    titleVMware Fusion 11.0.x < 11.5.0 Multiple Vulnerabilities (VMSA-2019-0014)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129496);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/31 15:18:51");
    
      script_cve_id("CVE-2019-5527", "CVE-2019-5535");
      script_xref(name:"VMSA", value:"2019-0014");
      script_xref(name:"IAVA", value:"2019-A-0344");
    
      script_name(english:"VMware Fusion 11.0.x < 11.5.0 Multiple Vulnerabilities (VMSA-2019-0014)");
    
      script_set_attribute(attribute:"synopsis", value:
    "A virtualization application installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities");
      script_set_attribute(attribute:"description", value:
    "The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.0.x prior to 11.5.0. It is, therefore,
    affected by the following issues:
    
      - A use-after-free error in the virtual sound device that
        allows a local attacker on the guest machine with low
        privileges to execute code on the host. (CVE-2019-5527)
    
      - A denial of service vulnerability caused by improper
        handling of some IPv6 packets. An attacker can exploit
        this vulnerability to disallow network access for all
        guest machines using the VMware NAT mode. To exploit
        this vulnerability, the attacker must send specially
        crafted IPv6 packets from a guest machine when IPv6 mode
        for VMNAT is enabled. (CVE-2019-5535)
    
    Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2019-0014.html");
      script_set_attribute(attribute:"solution", value:
    "Update to VMware Fusion version 11.5.0, or later.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5527");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/02");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:fusion");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("macosx_fusion_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "installed_sw/VMware Fusion");
    
      exit(0);
    }
    
    include('vcf.inc');
    
    
    app_info = vcf::get_app_info(app:'VMware Fusion');
    
    constraints = [
      { 'min_version' : '11.0', 'fixed_version' : '11.5.0' }
    ];
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
    
  • NASL familyMisc.
    NASL idVMWARE_ESXI_VMSA-2019-0014.NASL
    descriptionThe remote VMware ESXi host is version 6.0, 6.5 or 6.7 and is affected by a use-after-free error in the virtual sound device that allows a local attacker on the guest machine with low privileges to execute code on the host. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id129497
    published2019-10-02
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129497
    titleESXi 6.0 / 6.5 / 6.7 Use-After-Free (VMSA-2019-0014)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129497);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/31 15:18:51");
    
      script_cve_id("CVE-2019-5527");
      script_xref(name:"VMSA", value:"2019-0014");
      script_xref(name:"IAVA", value:"2019-A-0344");
    
      script_name(english:"ESXi 6.0 / 6.5 / 6.7 Use-After-Free (VMSA-2019-0014)");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote VMware ESXi host is missing a security patch and is affected by a use-after-free error.");
      script_set_attribute(attribute:"description", value:
    "The remote VMware ESXi host is version 6.0, 6.5 or 6.7 and is affected by a use-after-free error in the virtual sound
    device that allows a local attacker on the guest machine with low privileges to execute code on the host.
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2019-0014.html");
      script_set_attribute(attribute:"solution", value:
    "Apply the appropriate patch as referenced in the vendor advisory.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5527");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/02");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("vmware_vsphere_detect.nbin");
      script_require_keys("Settings/ParanoidReport", "Host/VMware/version", "Host/VMware/release");
    
      exit(0);
    }
    
    include('audit.inc');
    include('global_settings.inc');
    include('misc_func.inc');
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    fixes = make_array(
      '6.0', '14513180',
      '6.5', '13004031',
      '6.7', '12986307'
    );
    
    rel = get_kb_item_or_exit('Host/VMware/release');
    if ('ESXi' >!< rel) audit(AUDIT_OS_NOT, 'ESXi');
    
    ver = get_kb_item_or_exit('Host/VMware/version');
    
    match = pregmatch(pattern:'^ESXi? ([0-9]+\\.[0-9]+).*$', string:ver);
    if (isnull(match)) audit(AUDIT_UNKNOWN_BUILD, 'VMware ESXi', '6.0 / 6.5 / 6.7');
    ver = match[1];
    
    if (ver !~ '^6\\.(0|5|7)$') audit(AUDIT_OS_NOT, 'ESXi 6.0 / 6.5 / 6.7');
    
    fixed_build = int(fixes[ver]);
    
    if (empty_or_null(fixed_build)) audit(AUDIT_VER_FORMAT, ver);
    
    match = pregmatch(pattern:'^VMware ESXi.*build-([0-9]+)$', string:rel);
    if (isnull(match)) audit(AUDIT_UNKNOWN_BUILD, 'VMware ESXi', '6.0 / 6.5 / 6.7');
    
    build = int(match[1]);
    
    if (build >= fixed_build) audit(AUDIT_INST_VER_NOT_VULN, 'VMware ESXi', ver + ' build ' + build);
    
    report = '\n  ESXi version    : ' + ver +
             '\n  Installed build : ' + build +
             '\n  Fixed build     : ' + fixed_build +
             '\n';
    
    security_report_v4(port:0, severity:SECURITY_HOLE, extra:report);
    
  • NASL familyMisc.
    NASL idVMWARE_HORIZON_VIEW_CLIENT_VMSA_2019_0014.NASL
    descriptionThe version of VMware Horizon View Client installed on the remote host is 5.x prior to 5.2.0. It is, therefore, affected by a use-after-free error in the virtual sound device that allows a local attacker on the guest machine with low privileges to execute code on the host. Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id129498
    published2019-10-02
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129498
    titleVMware Horizon View Client 5.x < 5.2.0 Use-After-Free (VMSA-2019-0014)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129498);
      script_version("1.4");
      script_cvs_date("Date: 2019/10/31 15:18:51");
    
      script_cve_id("CVE-2019-5527");
      script_xref(name:"VMSA", value:"2019-0014");
      script_xref(name:"IAVA", value:"2019-A-0344");
    
      script_name(english:"VMware Horizon View Client 5.x < 5.2.0 Use-After-Free (VMSA-2019-0014)");
      script_summary(english:"Checks the VMware Horizon View Client version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "A virtualization application installed on the remote host is affected by a use-after-free error.");
      script_set_attribute(attribute:"description", value:
    "The version of VMware Horizon View Client installed on the remote host is 5.x prior to 5.2.0. It is, therefore,
    affected by a use-after-free error in the virtual sound device that allows a local attacker on the guest machine with
    low privileges to execute code on the host.
    
    Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2019-0014.html");
      script_set_attribute(attribute:"solution", value:
    "Update to Horizon View Client version 5.2.0, or later.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5527");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/02");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:horizon_view_client");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("vmware_horizon_view_client_installed_nix.nbin", "vmware_horizon_view_client_installed.nbin", "macosx_vmware_horizon_view_client_installed.nbin");
      script_require_keys("installed_sw/VMware Horizon View Client");
    
      exit(0);
    }
    
    include('vcf.inc');
    
    if (get_kb_item("SMB/Registry/Enumerated")) win_local = TRUE;
    
    app_info = vcf::get_app_info(app:'VMware Horizon View Client', win_local:win_local);
    
    constraints = [{ 'min_version' : '5', 'fixed_version' : '5.2.0' }];
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
    
  • NASL familyGeneral
    NASL idVMWARE_WORKSTATION_VMSA_2019_0014.NASL
    descriptionThe version of VMware Workstation installed on the remote host is 15.0.x prior to 15.5.0. It is, therefore, affected by the following issues: - A use-after-free error in the virtual sound device that allows a local attacker on the guest machine with low privileges to execute code on the host. (CVE-2019-5527) - A denial of service vulnerability caused by improper handling of some IPv6 packets. An attacker can exploit this vulnerability to disallow network access for all guest machines using the VMware NAT mode. To exploit this vulnerability, the attacker must send specially crafted IPv6 packets from a guest machine when IPv6 mode for VMNAT is enabled. (CVE-2019-5535) Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id129495
    published2019-10-02
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129495
    titleVMware Workstation 15.0.x < 15.5.0 Multiple Vulnerabilities (VMSA-2019-0014)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129495);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/31 15:18:51");
    
      script_cve_id("CVE-2019-5527", "CVE-2019-5535");
      script_xref(name:"VMSA", value:"2019-0014");
      script_xref(name:"IAVA", value:"2019-A-0344");
    
      script_name(english:"VMware Workstation 15.0.x < 15.5.0 Multiple Vulnerabilities (VMSA-2019-0014)");
    
      script_set_attribute(attribute:"synopsis", value:
    "A virtualization application installed on the remote host is affected by multiple vulnerabilities");
      script_set_attribute(attribute:"description", value:
    "The version of VMware Workstation installed on the remote host is 15.0.x prior to 15.5.0. It is, therefore, affected by
    the following issues:
    
      - A use-after-free error in the virtual sound device that
        allows a local attacker on the guest machine with low
        privileges to execute code on the host. (CVE-2019-5527)
    
      - A denial of service vulnerability caused by improper
        handling of some IPv6 packets. An attacker can exploit
        this vulnerability to disallow network access for all
        guest machines using the VMware NAT mode. To exploit
        this vulnerability, the attacker must send specially
        crafted IPv6 packets from a guest machine when IPv6 mode
        for VMNAT is enabled. (CVE-2019-5535)
    
    Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2019-0014.html");
      script_set_attribute(attribute:"solution", value:
    "Update to VMware Workstation version 15.5.0, or later.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5527");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/02");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:workstation");
      script_set_attribute(attribute:"stig_severity", value:"I");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"General");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("vmware_workstation_detect.nasl", "vmware_workstation_linux_installed.nbin");
      script_require_keys("installed_sw/VMware Workstation");
    
      exit(0);
    }
    
    include('vcf.inc');
    
    if (get_kb_item("SMB/Registry/Enumerated")) win_local = TRUE;
    
    app_info = vcf::get_app_info(app:'VMware Workstation', win_local:win_local);
    
    constraints = [
      { 'min_version' : '15.0', 'fixed_version' : '15.5.0' }
    ];
    
    vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);