Vulnerabilities > CVE-2022-31681 - NULL Pointer Dereference vulnerability in VMWare Esxi

CVSS 6.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

vmware

CWE-476

NVD

Published: 2022-10-07

Updated: 2022-10-11

Summary

VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.

Vulnerable Configurations

Part	Description	Count
OS	Vmware Vmware Esxi 7.0 Vmware Esxi 3.0 Vmware Esxi 3.5 Vmware Esxi 4.0 Vmware Esxi 4.1 Vmware Esxi 5.0 Vmware Esxi 5.1 Vmware Esxi 5.5 Vmware Esxi 5.5.0 Vmware Esxi 6.0 Vmware Esxi 6.0.0 Vmware Esxi 6.5 Vmware Esxi 6.5.0 Vmware Esxi 6.7	474
Application	Vmware Vmware Cloud Foundation 4.2 Vmware Cloud Foundation 4.2.1 Vmware Cloud Foundation 4.3 Vmware Cloud Foundation 4.3.1 Vmware Cloud Foundation 4.4.1 Vmware Cloud Foundation 4.4.1.1 Vmware Cloud Foundation 4.4	7

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://www.vmware.com/security/advisories/VMSA-2022-0025.html