CVE-2018-6957

VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
vmwareworkstation_pro
14.0 ≤
𝑥
< 14.1.1
vmwareworkstation_pro
12.0
vmwareworkstation_pro
12.1
vmwareworkstation_pro
12.01
vmwareworkstation_pro
12.1.1
vmwareworkstation_pro
12.5
vmwareworkstation_pro
12.5.1
vmwareworkstation_pro
12.5.2
vmwareworkstation_pro
12.5.3
vmwareworkstation_pro
12.5.4
vmwareworkstation_pro
12.5.5
vmwareworkstation_pro
12.5.6
vmwareworkstation_pro
12.5.7
vmwareworkstation_player
14.0 ≤
𝑥
< 14.1.1
vmwareworkstation_player
12.0
vmwareworkstation_player
12.0.1
vmwareworkstation_player
12.1
vmwareworkstation_player
12.1.1
vmwareworkstation_player
12.5
vmwareworkstation_player
12.5.1
vmwareworkstation_player
12.5.2
vmwareworkstation_player
12.5.3
vmwareworkstation_player
12.5.4
vmwareworkstation_player
12.5.5
vmwareworkstation_player
12.5.6
vmwareworkstation_player
12.5.7
vmwarefusion
8.0
vmwarefusion
8.0.1
vmwarefusion
8.0.2
vmwarefusion
8.1
vmwarefusion
8.1.1
vmwarefusion
8.5
vmwarefusion
8.5.1
vmwarefusion
8.5.2
vmwarefusion
8.5.3
vmwarefusion
8.5.4
vmwarefusion
8.5.5
vmwarefusion
8.5.6
vmwarefusion
8.5.7
vmwarefusion
8.5.8
vmwarefusion
10.0 ≤
𝑥
< 10.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/103431
http://www.securitytracker.com/id/1040539
https://www.vmware.com/security/advisories/VMSA-2018-0008.html
http://www.securityfocus.com/bid/103431
http://www.securitytracker.com/id/1040539
https://www.vmware.com/security/advisories/VMSA-2018-0008.html