CVE-2017-4925

VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
VendorProductVersion
vmwareesxi
5.5
vmwareesxi
5.5:1
vmwareesxi
5.5:2
vmwareesxi
5.5:3a
vmwareesxi
5.5:3b
vmwareesxi
5.5:550-20170901001s
vmwareesxi
6.0
vmwareesxi
6.0:1
vmwareesxi
6.0:1a
vmwareesxi
6.0:1b
vmwareesxi
6.0:2
vmwareesxi
6.0:3
vmwareesxi
6.0:3a
vmwareesxi
6.0:600-201504401
vmwareesxi
6.0:600-201505401
vmwareesxi
6.0:600-201507101
vmwareesxi
6.0:600-201507102
vmwareesxi
6.0:600-201507401
vmwareesxi
6.0:600-201507402
vmwareesxi
6.0:600-201507403
vmwareesxi
6.0:600-201507404
vmwareesxi
6.0:600-201507405
vmwareesxi
6.0:600-201507406
vmwareesxi
6.0:600-201507407
vmwareesxi
6.0:600-201509101
vmwareesxi
6.0:600-201509102
vmwareesxi
6.0:600-201509201
vmwareesxi
6.0:600-201509202
vmwareesxi
6.0:600-201509203
vmwareesxi
6.0:600-201509204
vmwareesxi
6.0:600-201509205
vmwareesxi
6.0:600-201509206
vmwareesxi
6.0:600-201509207
vmwareesxi
6.0:600-201509208
vmwareesxi
6.0:600-201509209
vmwareesxi
6.0:600-201509210
vmwareesxi
6.0:600-201510401
vmwareesxi
6.0:600-201511401
vmwareesxi
6.0:600-201601101
vmwareesxi
6.0:600-201601102
vmwareesxi
6.0:600-201601401
vmwareesxi
6.0:600-201601402
vmwareesxi
6.0:600-201601403
vmwareesxi
6.0:600-201601404
vmwareesxi
6.0:600-201601405
vmwareesxi
6.0:600-201602401
vmwareesxi
6.0:600-201603101
vmwareesxi
6.0:600-201603102
vmwareesxi
6.0:600-201603201
vmwareesxi
6.0:600-201603202
vmwareesxi
6.0:600-201603203
vmwareesxi
6.0:600-201603204
vmwareesxi
6.0:600-201603205
vmwareesxi
6.0:600-201603206
vmwareesxi
6.0:600-201603207
vmwareesxi
6.0:600-201603208
vmwareesxi
6.0:600-201605401
vmwareesxi
6.0:600-201608101
vmwareesxi
6.0:600-201608401
vmwareesxi
6.0:600-201608402
vmwareesxi
6.0:600-201608403
vmwareesxi
6.0:600-201608404
vmwareesxi
6.0:600-201608405
vmwareesxi
6.0:600-201610410
vmwareesxi
6.0:600-201611401
vmwareesxi
6.0:600-201611402
vmwareesxi
6.0:600-201611403
vmwareesxi
6.0:600-201702101
vmwareesxi
6.0:600-201702102
vmwareesxi
6.0:600-201702201
vmwareesxi
6.0:600-201702202
vmwareesxi
6.0:600-201702203
vmwareesxi
6.0:600-201702204
vmwareesxi
6.0:600-201702205
vmwareesxi
6.0:600-201702206
vmwareesxi
6.0:600-201702207
vmwareesxi
6.0:600-201702208
vmwareesxi
6.0:600-201702209
vmwareesxi
6.0:600-201702210
vmwareesxi
6.0:600-201702211
vmwareesxi
6.0:600-201702212
vmwareesxi
6.0:600-201703401
vmwareesxi
6.5
vmwareesxi
6.5:650-201701001
vmwareesxi
6.5:650-201703001
vmwareesxi
6.5:650-201703002
vmwareesxi
6.5:650-201704001
vmwareworkstation
12.0.0 ≤
𝑥
< 12.5.3
vmwareworkstation_pro
12.0.0 ≤
𝑥
< 12.5.3
vmwarefusion
8.0.0 ≤
𝑥
< 8.5.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/100842
http://www.securitytracker.com/id/1039367
http://www.securitytracker.com/id/1039368
https://www.vmware.com/security/advisories/VMSA-2017-0015.html
http://www.securityfocus.com/bid/100842
http://www.securitytracker.com/id/1039367
http://www.securitytracker.com/id/1039368
https://www.vmware.com/security/advisories/VMSA-2017-0015.html