CVE-2018-6957

VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
vmwareCNA
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Affected Products (NVD)
VendorProductVersion
vmwareworkstation_pro
14.0 ≤
𝑥
< 14.1.1
vmwareworkstation_pro
12.0
vmwareworkstation_pro
12.1
vmwareworkstation_pro
12.01
vmwareworkstation_pro
12.1.1
vmwareworkstation_pro
12.5
vmwareworkstation_pro
12.5.1
vmwareworkstation_pro
12.5.2
vmwareworkstation_pro
12.5.3
vmwareworkstation_pro
12.5.4
vmwareworkstation_pro
12.5.5
vmwareworkstation_pro
12.5.6
vmwareworkstation_pro
12.5.7
vmwareworkstation_player
14.0 ≤
𝑥
< 14.1.1
vmwareworkstation_player
12.0
vmwareworkstation_player
12.0.1
vmwareworkstation_player
12.1
vmwareworkstation_player
12.1.1
vmwareworkstation_player
12.5
vmwareworkstation_player
12.5.1
vmwareworkstation_player
12.5.2
vmwareworkstation_player
12.5.3
vmwareworkstation_player
12.5.4
vmwareworkstation_player
12.5.5
vmwareworkstation_player
12.5.6
vmwareworkstation_player
12.5.7
vmwarefusion
8.0
vmwarefusion
8.0.1
vmwarefusion
8.0.2
vmwarefusion
8.1
vmwarefusion
8.1.1
vmwarefusion
8.5
vmwarefusion
8.5.1
vmwarefusion
8.5.2
vmwarefusion
8.5.3
vmwarefusion
8.5.4
vmwarefusion
8.5.5
vmwarefusion
8.5.6
vmwarefusion
8.5.7
vmwarefusion
8.5.8
vmwarefusion
10.0 ≤
𝑥
< 10.1.1
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
vmwareworkstation
12.0 ≤
𝑥
< 13.0
CNA
vmwareworkstation
8.0 ≤
𝑥
< 9.0
CNA
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/103431
http://www.securitytracker.com/id/1040539
https://www.vmware.com/security/advisories/VMSA-2018-0008.html
http://www.securityfocus.com/bid/103431
http://www.securitytracker.com/id/1040539
https://www.vmware.com/security/advisories/VMSA-2018-0008.html