CVE-2019-5519
Vulnerability from cvelistv5
Published
2019-04-01 20:39
Modified
2024-08-04 20:01
Severity ?
Summary
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:01:51.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "107535",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107535"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/"
          },
          {
            "name": "108443",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108443"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMware ESXi, Workstation, Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "ESXi 6.7 before ESXi670-201903001"
            },
            {
              "status": "affected",
              "version": "ESXi 6.5 before ESXi650-201903001"
            },
            {
              "status": "affected",
              "version": "ESXi 6.0 before ESXi600-201903001"
            },
            {
              "status": "affected",
              "version": "Workstation 15.x before 15.0.4"
            },
            {
              "status": "affected",
              "version": "Workstation 14.x before 14.1.7"
            },
            {
              "status": "affected",
              "version": "Fusion 11.x before 11.0.3"
            },
            {
              "status": "affected",
              "version": "Fusion 10.x before 10.1.6"
            }
          ]
        }
      ],
      "datePublic": "2019-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Time-of-check Time-of-use (TOCTOU) vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-24T11:06:04",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "name": "107535",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107535"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/"
        },
        {
          "name": "108443",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108443"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "ID": "CVE-2019-5519",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMware ESXi, Workstation, Fusion",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ESXi 6.7 before ESXi670-201903001"
                          },
                          {
                            "version_value": "ESXi 6.5 before ESXi650-201903001"
                          },
                          {
                            "version_value": "ESXi 6.0 before ESXi600-201903001"
                          },
                          {
                            "version_value": "Workstation 15.x before 15.0.4"
                          },
                          {
                            "version_value": "Workstation 14.x before 14.1.7"
                          },
                          {
                            "version_value": "Fusion 11.x before 11.0.3"
                          },
                          {
                            "version_value": "Fusion 10.x before 10.1.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "VMware"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Time-of-check Time-of-use (TOCTOU) vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "107535",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107535"
            },
            {
              "name": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
            },
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/"
            },
            {
              "name": "108443",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108443"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2019-5519",
    "datePublished": "2019-04-01T20:39:47",
    "dateReserved": "2019-01-07T00:00:00",
    "dateUpdated": "2024-08-04T20:01:51.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-5519\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2019-04-01T21:30:44.000\",\"lastModified\":\"2020-08-24T17:37:01.140\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.\"},{\"lang\":\"es\",\"value\":\"VMware ESXi (en las versiones 6.7 anteriores a la ESXi670-201903001, en las 6.5 anteriores a la ESXi650-201903001 y en las 6.0 anteriores a la ESXi600-201903001), Workstation (en las versiones 15.x anteriores a la 15.0.4 y en las 14.x anteriores a la 14.1.7), Fusion (en las versiones 11.x anteriores a la 11.0.3 y en las 10.x anteriores a la 10.1.6) contiene una vulnerabilidad de time-of-check time-of-use (TOCTOU) en la UHCI virtual (Universal Host Controller Interface) de USB 1.1. La explotaci\u00f3n de este fallo requiere que el atacante tenga acceso a una m\u00e1quina virtual con un controlador USB virtual presente. Este problema puede permitir que un invitado ejecute c\u00f3digo en el host\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.2},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-367\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.1.6\",\"matchCriteriaId\":\"1BEBF6D2-4832-46F0-A0B1-4B47FDCFD6BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.3\",\"matchCriteriaId\":\"D1D88E61-CE5C-467A-A720-F4DCFC248134\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndExcluding\":\"14.1.7\",\"matchCriteriaId\":\"09B11AFA-BA40-40C7-9F8E-6CB1A7DAE369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.0.0\",\"versionEndExcluding\":\"15.0.4\",\"matchCriteriaId\":\"D0F08B22-5048-4A6C-9250-6A3593A4570F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E8861F4-D390-4738-BBF0-9EE4684E9667\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.0:600-201811001:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BC70488-A435-43BE-AEF4-30CBA36CBC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.0:600-201811401:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B37DC7D-A1C6-468F-A42E-160CE226FF7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBA15143-734D-4889-8B5A-2445A2DDDD4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*\",\"matchCriteriaId\":\"75FAFF86-C65F-4723-8A63-BACE2F797937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBC31DE3-ACFE-422F-B253-2FE4AAFE3954\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*\",\"matchCriteriaId\":\"B30B3EA4-495F-4915-B6E3-5FB9277C2DE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FA9E337-B4F3-4895-BA58-962F8CDEE73E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*\",\"matchCriteriaId\":\"830B0BC1-A368-49AC-B6C9-B000972EF92A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*\",\"matchCriteriaId\":\"614394F3-3BEE-4E12-AABF-436D54A04313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*\",\"matchCriteriaId\":\"350FD3CE-8B64-4FCF-82DE-BE941156F4F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9EAE177-6C7E-4C1B-ADEE-2C036F731272\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFFEEC31-8462-4DF9-A1DA-D7057C209CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*\",\"matchCriteriaId\":\"942DAD67-9455-4D02-BD3B-BFD2DE7A7E52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ACC1A72-F6B6-430A-AB89-AB0A11587F58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*\",\"matchCriteriaId\":\"45111C74-BF6F-4C05-A0D3-CE325AD0C02B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CE5849-01B1-4E36-83E8-496A3F328C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*\",\"matchCriteriaId\":\"A879BA05-3A80-4EBC-AA9D-9B53695425B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D65A0E8-A1E0-42F3-B77D-2F32979278BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*\",\"matchCriteriaId\":\"80C10150-39BA-4818-B48F-8645D4A0D316\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*\",\"matchCriteriaId\":\"9792B986-86EF-40E0-9427-A45F858717E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*\",\"matchCriteriaId\":\"37EDD688-C91A-4A35-913A-82E156ADD242\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*\",\"matchCriteriaId\":\"47DA50DA-7CA4-4B76-8B3B-A5732509F71D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*\",\"matchCriteriaId\":\"76EB1A04-0645-4909-AEF9-33D6FADA4793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1A35723-D968-42D6-89EB-86CA550516E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3AC8A19-F98E-48F1-A1EA-EAA1C7208335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE1372AD-2853-4BED-BB71-6BACB28B95C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2792D06-A73E-4A56-A152-82E1AD4E707D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDA4AE4C-3BA8-472D-950A-3C8684565CD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA3617D-B911-4BC5-B544-B31D4F43D2B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDC6E0F6-83DF-4670-8D04-A41C7DC1B881\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*\",\"matchCriteriaId\":\"047A71B3-CDFB-41F3-B2DE-11360DAE5744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*\",\"matchCriteriaId\":\"F88691FD-F263-4B75-BF21-481BC1623C3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2A47CDA-D3DD-4E0F-8268-32A188EA1D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*\",\"matchCriteriaId\":\"36A67476-2E8E-4104-9F10-7AE42F82508F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2283675-582F-44A8-833B-B5B439CBFA1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*\",\"matchCriteriaId\":\"94C4A188-6B00-48C4-B7E2-9F70811BF618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*\",\"matchCriteriaId\":\"F82943E9-E2D0-49F4-BD32-40E84BA1957E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*\",\"matchCriteriaId\":\"B854BA24-11FD-4D0C-9EFD-A88E64FED4E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*\",\"matchCriteriaId\":\"554434AB-763F-4E95-B616-F7594041D511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE56E7AC-F63D-4A4B-9B45-0E623973B14B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*\",\"matchCriteriaId\":\"36664142-0111-42F5-A371-AD2C0DF211EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*\",\"matchCriteriaId\":\"49EA78B6-8208-4351-88F9-103CA01EF3A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*\",\"matchCriteriaId\":\"27AC575F-9AC4-4AA1-A71C-BF9F752295F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C0F47F3-0509-45AC-8EA9-37246E4E6095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE103301-6AEF-4348-8F36-833021739AEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D92B2FF-8962-41F9-B019-D83AAAD188FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E6D5227-3421-412F-9BE0-583AA768446D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*\",\"matchCriteriaId\":\"82BA9EB1-4EFB-4649-92C7-2C307966956E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*\",\"matchCriteriaId\":\"2133378D-8DFD-48B9-83A1-9FA7DDC68902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*\",\"matchCriteriaId\":\"57BF8703-0C83-4BA5-B0F7-FB6E45229685\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAADDD62-2F6E-4D12-A49F-3D38ACF488E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*\",\"matchCriteriaId\":\"27FA0C0E-B5A2-4619-998B-CFB45496D895\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*\",\"matchCriteriaId\":\"B98EDBA4-0BA4-4894-B6F6-681117A5C5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E756914-2C2A-4999-AAEA-2F6835A29C49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AC0C89B-26A3-40F7-855F-5F6B36B77F5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF2FE18-A90E-429A-98D1-9A97DD0464B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*\",\"matchCriteriaId\":\"92289D85-0652-41D1-A6BA-D4B8C7EE1F45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF41887D-B145-4D01-9AEF-2E36479B2FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEAF0ED-BD20-4BA6-BB23-1C978B823A11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*\",\"matchCriteriaId\":\"36234CE1-FA7E-4534-9720-410435E2BAEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*\",\"matchCriteriaId\":\"494E0B07-CE16-46D4-A89B-4F12A6CECDF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD046237-16D7-4A57-9F09-2A6A649368C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*\",\"matchCriteriaId\":\"8343E8DB-1D54-4B82-9254-2E2AFC548609\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/107535\",\"source\":\"security@vmware.com\"},{\"url\":\"http://www.securityfocus.com/bid/108443\",\"source\":\"security@vmware.com\"},{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2019-0005.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-19-420/\",\"source\":\"security@vmware.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.