| Vulnerability Name: | CVE-2015-1043 (CCN-100934) |
| Assigned: | 2015-01-27 |
| Published: | 2015-01-27 |
| Updated: | 2017-09-08 |
| Summary: | The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors.
|
| CVSS v3 Severity: | 4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)| Exploitability Metrics: | Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): None
Availibility (A): Low |
|
| CVSS v2 Severity: | 3.3 Low (CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P)
2.4 Low (Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial |
3.3 Low (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P)
2.4 Low (CCN Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)| Exploitability Metrics: | Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial |
|
| Vulnerability Type: | CWE-20
|
| Vulnerability Consequences: | Denial of Service |
| References: | Source: MITRE
Type: CNA
CVE-2015-1043
Source: CCN
Type: Full Disclosure Mailing List, Tue, 27 Jan 2015 23:56:04 +0000
NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues
Source: SECUNIA
Type: UNKNOWN
62551
Source: BID
Type: Third Party Advisory, VDB Entry
72337
Source: CCN
Type: BID-72337
Multiple VMware Products CVE-2015-1043 Denial Of Service Vulnerability
Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1031644
Source: CCN
Type: VMware Security Advisory VMSA-2015-0001
VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2015-0001.html
Source: XF
Type: UNKNOWN
vmware-cve20151043-dos(100934)
Source: XF
Type: UNKNOWN
vmware-cve20151043-dos(100934)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:vmware:fusion:6.0:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.3:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.4:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:7.0:*:*:*:*:*:*:*
Configuration 2:
cpe:/a:vmware:workstation:10.0:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0.3:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0.4:*:*:*:*:*:*:*
Configuration 3:
cpe:/a:vmware:player:6.0:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.3:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.4:*:*:*:*:*:*:*
Configuration CCN 1:
cpe:/a:vmware:workstation:10.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0.3:*:*:*:*:*:*:*OR cpe:/a:vmware:workstation:10.0.4:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.1:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.3:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:6.0.4:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.2:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.3:*:*:*:*:*:*:*OR cpe:/a:vmware:player:6.0.4:*:*:*:*:*:*:*OR cpe:/a:vmware:fusion:7.0:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| BACK |