CVE-2020-3999

VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

Information

Published : 2020-12-21 08:15

Updated : 2021-07-21 04:39


NVD link : CVE-2020-3999

Mitre link : CVE-2020-3999


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x

vmware

  • workstation
  • fusion
  • esxi