fkie_cve-2017-4904
Vulnerability from fkie_nvd
Published
2017-06-07 18:29
Modified
2025-04-20 01:37
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.
References
security@vmware.comhttp://www.securityfocus.com/bid/97165Third Party Advisory, VDB Entry
security@vmware.comhttp://www.securitytracker.com/id/1038148Third Party Advisory, VDB Entry
security@vmware.comhttp://www.securitytracker.com/id/1038149Third Party Advisory, VDB Entry
security@vmware.comhttp://www.vmware.com/security/advisories/VMSA-2017-0006.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/97165Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038148Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1038149Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2017-0006.htmlVendor Advisory
Impacted products
Vendor Product Version
vmware fusion *
vmware fusion_pro *
apple mac_os_x -
vmware workstation_player *
vmware workstation_pro *
vmware esxi 5.5
vmware esxi 5.5
vmware esxi 5.5
vmware esxi 5.5
vmware esxi 5.5
vmware esxi 6.0
vmware esxi 6.0
vmware esxi 6.0
vmware esxi 6.0
vmware esxi 6.0
vmware esxi 6.0
vmware esxi 6.0
vmware esxi 6.5


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C05F1671-5010-4BB5-BFA7-217FBB946B59",
              "versionEndExcluding": "8.5.6",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:fusion_pro:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB3E0004-E6F1-4C0D-9B24-A7F1AF4BCBD8",
              "versionEndExcluding": "8.5.6",
              "versionStartIncluding": "8.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB0B91B-F8F6-456F-8FBD-7B98A9ABA95A",
              "versionEndExcluding": "12.5.5",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F1AB0A-CD31-4FE7-AE1F-4C6A111D1C62",
              "versionEndExcluding": "12.5.5",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*",
              "matchCriteriaId": "4DC223AC-EB3D-48CF-A6CC-D35E00A38394",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*",
              "matchCriteriaId": "75C8E87E-A869-49F8-89F9-DE64A45CDB35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*",
              "matchCriteriaId": "E7F8878C-F73D-4549-9607-74880176D2B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*",
              "matchCriteriaId": "E47D369F-13B2-42B3-BB74-60AAD0954B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3E8861F4-D390-4738-BBF0-9EE4684E9667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*",
              "matchCriteriaId": "52403C80-3022-4E5B-B16A-24B116D1E6B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*",
              "matchCriteriaId": "FBECED2E-05FD-492E-8B57-9BB8ADA82444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*",
              "matchCriteriaId": "3C3FBBA4-01FA-45B5-AEDF-FFFE941163FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*",
              "matchCriteriaId": "A63E3C72-3145-4661-BBCD-8A67EC0CDDF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*",
              "matchCriteriaId": "9159F6E1-6A36-4D3C-85B1-2205B90CD244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*",
              "matchCriteriaId": "C2C08C24-FBAC-49B8-AABF-4FF8BADA3412",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5."
    },
    {
      "lang": "es",
      "value": "El controlador XHCI en ESXi versiones 6.5 sin parche ESXi650-201703410-SG, 6.0 U3 sin parche ESXi600-201703401-SG, 6.0 U2 sin parche ESXi600-201703403-SG, 6.0 U1 sin parche ESXi600-201703402-SG, y 5.5 sin parche ESXi550 -201703401-SG;  Workstation Pro / Player versiones 12.x anteriores a 12.5.5; y Fusion Pro / Fusion versiones 8.x anteriores a 8.5.6 de VMware, presenta un uso de memoria no inicializada. Este problema puede permitir a un invitado ejecutar c\u00f3digo en el host. El problema es reducido a una Denegaci\u00f3n de Servicio del invitado en ESXi versi\u00f3n 5.5."
    }
  ],
  "id": "CVE-2017-4904",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-07T18:29:00.397",
  "references": [
    {
      "source": "security@vmware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97165"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038148"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038149"
    },
    {
      "source": "security@vmware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038149"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.