CVE-2018-6972

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
vmwareworkstation
14.0 ≤
𝑥
< 14.1.2
vmwarefusion
10.0 ≤
𝑥
< 10.1.2
vmwareesxi
5.5
vmwareesxi
5.5:1
vmwareesxi
5.5:2
vmwareesxi
5.5:3a
vmwareesxi
5.5:3b
vmwareesxi
5.5:550-20170901001s
vmwareesxi
5.5:550-20170904001
vmwareesxi
6.0
vmwareesxi
6.0:1
vmwareesxi
6.0:1a
vmwareesxi
6.0:1b
vmwareesxi
6.0:2
vmwareesxi
6.0:3
vmwareesxi
6.0:3a
vmwareesxi
6.0:600-201504401
vmwareesxi
6.0:600-201505401
vmwareesxi
6.0:600-201507101
vmwareesxi
6.0:600-201507102
vmwareesxi
6.0:600-201507401
vmwareesxi
6.0:600-201507402
vmwareesxi
6.0:600-201507403
vmwareesxi
6.0:600-201507404
vmwareesxi
6.0:600-201507405
vmwareesxi
6.0:600-201507406
vmwareesxi
6.0:600-201507407
vmwareesxi
6.0:600-201509101
vmwareesxi
6.0:600-201509102
vmwareesxi
6.0:600-201509201
vmwareesxi
6.0:600-201509202
vmwareesxi
6.0:600-201509203
vmwareesxi
6.0:600-201509204
vmwareesxi
6.0:600-201509205
vmwareesxi
6.0:600-201509206
vmwareesxi
6.0:600-201509207
vmwareesxi
6.0:600-201509208
vmwareesxi
6.0:600-201509209
vmwareesxi
6.0:600-201509210
vmwareesxi
6.0:600-201510401
vmwareesxi
6.0:600-201511401
vmwareesxi
6.0:600-201601101
vmwareesxi
6.0:600-201601102
vmwareesxi
6.0:600-201601401
vmwareesxi
6.0:600-201601402
vmwareesxi
6.0:600-201601403
vmwareesxi
6.0:600-201601404
vmwareesxi
6.0:600-201601405
vmwareesxi
6.0:600-201602401
vmwareesxi
6.0:600-201603101
vmwareesxi
6.0:600-201603102
vmwareesxi
6.0:600-201603201
vmwareesxi
6.0:600-201603202
vmwareesxi
6.0:600-201603203
vmwareesxi
6.0:600-201603204
vmwareesxi
6.0:600-201603205
vmwareesxi
6.0:600-201603206
vmwareesxi
6.0:600-201603207
vmwareesxi
6.0:600-201603208
vmwareesxi
6.0:600-201605401
vmwareesxi
6.0:600-201608101
vmwareesxi
6.0:600-201608401
vmwareesxi
6.0:600-201608402
vmwareesxi
6.0:600-201608403
vmwareesxi
6.0:600-201608404
vmwareesxi
6.0:600-201608405
vmwareesxi
6.0:600-201610410
vmwareesxi
6.0:600-201611401
vmwareesxi
6.0:600-201611402
vmwareesxi
6.0:600-201611403
vmwareesxi
6.0:600-201702101
vmwareesxi
6.0:600-201702102
vmwareesxi
6.0:600-201702201
vmwareesxi
6.0:600-201702202
vmwareesxi
6.0:600-201702203
vmwareesxi
6.0:600-201702204
vmwareesxi
6.0:600-201702205
vmwareesxi
6.0:600-201702206
vmwareesxi
6.0:600-201702207
vmwareesxi
6.0:600-201702208
vmwareesxi
6.0:600-201702209
vmwareesxi
6.0:600-201702210
vmwareesxi
6.0:600-201702211
vmwareesxi
6.0:600-201702212
vmwareesxi
6.0:600-201703401
vmwareesxi
6.0:600-201706101
vmwareesxi
6.0:600-201706102
vmwareesxi
6.0:600-201706103
vmwareesxi
6.5
vmwareesxi
6.5:2
vmwareesxi
6.5:650-201701001
vmwareesxi
6.5:650-201703001
vmwareesxi
6.5:650-201703002
vmwareesxi
6.5:650-201704001
vmwareesxi
6.5:650-201707101
vmwareesxi
6.5:650-201707102
vmwareesxi
6.5:650-201707103
vmwareesxi
6.5:650-201707201
vmwareesxi
6.5:650-201707202
vmwareesxi
6.5:650-201707203
vmwareesxi
6.5:650-201707204
vmwareesxi
6.5:650-201707205
vmwareesxi
6.5:650-201707206
vmwareesxi
6.5:650-201707207
vmwareesxi
6.5:650-201707208
vmwareesxi
6.5:650-201707209
vmwareesxi
6.5:650-201707210
vmwareesxi
6.5:650-201707211
vmwareesxi
6.5:650-201707212
vmwareesxi
6.5:650-201707213
vmwareesxi
6.5:650-201707214
vmwareesxi
6.5:650-201707215
vmwareesxi
6.5:650-201707216
vmwareesxi
6.5:650-201707217
vmwareesxi
6.5:650-201707218
vmwareesxi
6.5:650-201707219
vmwareesxi
6.5:650-201707220
vmwareesxi
6.5:650-201707221
vmwareesxi
6.5:650-201710001
vmwareesxi
6.5:650-201712001
vmwareesxi
6.5:650-201803001
vmwareesxi
6.5:650-201806001
vmwareesxi
6.7
vmwareesxi
6.7:670-201806001
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/104884
http://www.securitytracker.com/id/1041356
http://www.securitytracker.com/id/1041357
https://www.vmware.com/security/advisories/VMSA-2018-0018.html
http://www.securityfocus.com/bid/104884
http://www.securitytracker.com/id/1041356
http://www.securitytracker.com/id/1041357
https://www.vmware.com/security/advisories/VMSA-2018-0018.html