CVE-2018-6972

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2018-6972
VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
https://www.vmware.com/security/advisories/VMSA-2018-0018.html Patch Vendor Advisory
http://www.securityfocus.com/bid/104884 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041357 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041356 Broken Link Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.5:550-20170901001s:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:5.5:550-20170904001:*:*:*:*:*:*
Information

Published : 2018-07-25 06:29

Updated : 2022-06-02 12:20

NVD link : CVE-2018-6972

Mitre link : CVE-2018-6972

JSON object : View

CWE
CWE-476

NULL Pointer Dereference

Advertisement

dedicated server usa
Products Affected

apple

  • mac_os_x

vmware

  • workstation
  • esxi
  • fusion