CVE-2017-4941

VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.

CVSS v3.0 8.8 HIGH
CVSS v2.0 6.0 MEDIUM

8.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability : 6.8 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.vmware.com/security/advisories/VMSA-2017-0021.html	Issue Tracking Patch Vendor Advisory
http://www.securitytracker.com/id/1040025	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040024	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:vmware:esxi:5.5:-::::::
	cpe:2.3:o:vmware:esxi:5.5:550-20170901001s::::::
	cpe:2.3:o:vmware:esxi:5.5:550-20170904001::::::

Configuration 4 (hide)

OR	cpe:2.3:o:vmware:esxi:6.0:-::::::
	cpe:2.3:o:vmware:esxi:6.0:1::::::
	cpe:2.3:o:vmware:esxi:6.0:1a::::::
	cpe:2.3:o:vmware:esxi:6.0:1b::::::
	cpe:2.3:o:vmware:esxi:6.0:2::::::
	cpe:2.3:o:vmware:esxi:6.0:3::::::
	cpe:2.3:o:vmware:esxi:6.0:3a::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201504401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201505401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507101::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507102::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507402::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507403::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507404::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507405::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507406::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201507407::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509101::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509102::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509201::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509202::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509203::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509204::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509205::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509206::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509207::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509208::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509209::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201509210::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201510401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201511401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201601101::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201601102::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201601401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201601402::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201601403::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201601404::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201601405::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201602401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603101::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603102::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603201::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603202::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603203::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603204::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603205::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603206::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603207::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201603208::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201605401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201608101::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201608401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201608402::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201608403::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201608404::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201608405::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201610410::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201611401::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201611402::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201611403::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201702101::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201702102::::::
	cpe:2.3:o:vmware:esxi:6.0:600-201702201::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702202::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702203::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702204::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702205::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702206::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702207::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702208::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702209::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702210::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702211::::::
cpe:2.3:o:vmware:esxi:6.0:600-201702212::::::
cpe:2.3:o:vmware:esxi:6.0:600-201703401::::::
cpe:2.3:o:vmware:esxi:6.0:600-201706101::::::
cpe:2.3:o:vmware:esxi:6.0:600-201706102::::::
cpe:2.3:o:vmware:esxi:6.0:600-201706103::::::
cpe:2.3:o:vmware:esxi:6.0:600-201706401::::::
cpe:2.3:o:vmware:esxi:6.0:600-201706402::::::
cpe:2.3:o:vmware:esxi:6.0:600-201706403::::::
cpe:2.3:o:vmware:esxi:6.0:600-201710301::::::

Information

Published : 2017-12-20 07:29

Updated : 2022-02-03 11:47

NVD link : CVE-2017-4941

Mitre link : CVE-2017-4941

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

apple

mac_os_x

vmware

workstation
esxi
fusion

8.8 /10