CVE-2018-6972 Information
Feb 14, 2021
cve
Description
VMware ESXi (6.7 before ESXi670-201806401-BG 6.5 before ESXi650-201806401-BG 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG) Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Reference
http://www.securityfocus.com/bid/104884 http://www.securitytracker.com/id/1041356 http://www.securitytracker.com/id/1041357 https://www.vmware.com/security/advisories/VMSA-2018-0018.html
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
6.5
Share on: