CVE-2015-1044

vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.

CVSS v2.0 3.3 LOW

3.3^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/62551
http://secunia.com/advisories/62569
http://secunia.com/advisories/62669
http://www.securityfocus.com/bid/72336	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031645	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031646	Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2015-0001.html	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/100935
http://secunia.com/advisories/62551
http://secunia.com/advisories/62569
http://secunia.com/advisories/62669
http://www.securityfocus.com/bid/72336	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031645	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031646	Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2015-0001.html	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/100935

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vmware:workstation:10.0:::::::*
	cpe:2.3:a:vmware:workstation:10.0.1:::::::*
	cpe:2.3:a:vmware:workstation:10.0.2:::::::*
	cpe:2.3:a:vmware:workstation:10.0.3:::::::*
	cpe:2.3:a:vmware:workstation:10.0.4:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:vmware:esxi:5.0:::::::*
	cpe:2.3:o:vmware:esxi:5.0:1::::::
	cpe:2.3:o:vmware:esxi:5.0:2::::::
	cpe:2.3:o:vmware:esxi:5.1:::::::*
	cpe:2.3:o:vmware:esxi:5.1:1::::::
	cpe:2.3:o:vmware:esxi:5.5:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:vmware:player:6.0:::::::*
	cpe:2.3:a:vmware:player:6.0.1:::::::*
	cpe:2.3:a:vmware:player:6.0.2:::::::*
	cpe:2.3:a:vmware:player:6.0.3:::::::*
	cpe:2.3:a:vmware:player:6.0.4:::::::*

History

21 Nov 2024, 02:24

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/62551 -~~	() http://secunia.com/advisories/62551 -
References	~~() http://secunia.com/advisories/62569 -~~	() http://secunia.com/advisories/62569 -
References	~~() http://secunia.com/advisories/62669 -~~	() http://secunia.com/advisories/62669 -
References	~~() http://www.securityfocus.com/bid/72336 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/72336 - Third Party Advisory, VDB Entry
References	~~() http://www.securitytracker.com/id/1031645 - Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id/1031645 - Third Party Advisory, VDB Entry
References	~~() http://www.securitytracker.com/id/1031646 - Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id/1031646 - Third Party Advisory, VDB Entry
References	~~() http://www.vmware.com/security/advisories/VMSA-2015-0001.html - Patch, Vendor Advisory~~	() http://www.vmware.com/security/advisories/VMSA-2015-0001.html - Patch, Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/100935 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/100935 -

Information

Published : 2015-01-29 18:59

Updated : 2024-11-21 02:24

NVD link : CVE-2015-1044

Mitre link : CVE-2015-1044

CVE.ORG link : CVE-2015-1044

JSON object : View

Products Affected

vmware

esxi
workstation
player

CWE

NVD-CWE-noinfo

3.3 /10