cve-2019-5519
Vulnerability from cvelistv5
Published
2019-04-01 20:39
Modified
2024-08-04 20:01
Severity ?
Summary
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.
References
security@vmware.comhttp://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.htmlThird Party Advisory, VDB Entry
security@vmware.comhttp://www.securityfocus.com/bid/107535
security@vmware.comhttp://www.securityfocus.com/bid/108443
security@vmware.comhttps://www.vmware.com/security/advisories/VMSA-2019-0005.htmlVendor Advisory
security@vmware.comhttps://www.zerodayinitiative.com/advisories/ZDI-19-420/
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/107535
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108443
af854a3a-2127-422b-91ae-364da2661108https://www.vmware.com/security/advisories/VMSA-2019-0005.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.zerodayinitiative.com/advisories/ZDI-19-420/
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:01:51.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "107535",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107535"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/"
          },
          {
            "name": "108443",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108443"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VMware ESXi, Workstation, Fusion",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "ESXi 6.7 before ESXi670-201903001"
            },
            {
              "status": "affected",
              "version": "ESXi 6.5 before ESXi650-201903001"
            },
            {
              "status": "affected",
              "version": "ESXi 6.0 before ESXi600-201903001"
            },
            {
              "status": "affected",
              "version": "Workstation 15.x before 15.0.4"
            },
            {
              "status": "affected",
              "version": "Workstation 14.x before 14.1.7"
            },
            {
              "status": "affected",
              "version": "Fusion 11.x before 11.0.3"
            },
            {
              "status": "affected",
              "version": "Fusion 10.x before 10.1.6"
            }
          ]
        }
      ],
      "datePublic": "2019-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Time-of-check Time-of-use (TOCTOU) vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-24T11:06:04",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "name": "107535",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107535"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/"
        },
        {
          "name": "108443",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108443"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "ID": "CVE-2019-5519",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VMware ESXi, Workstation, Fusion",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ESXi 6.7 before ESXi670-201903001"
                          },
                          {
                            "version_value": "ESXi 6.5 before ESXi650-201903001"
                          },
                          {
                            "version_value": "ESXi 6.0 before ESXi600-201903001"
                          },
                          {
                            "version_value": "Workstation 15.x before 15.0.4"
                          },
                          {
                            "version_value": "Workstation 14.x before 14.1.7"
                          },
                          {
                            "version_value": "Fusion 11.x before 11.0.3"
                          },
                          {
                            "version_value": "Fusion 10.x before 10.1.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "VMware"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Time-of-check Time-of-use (TOCTOU) vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "107535",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107535"
            },
            {
              "name": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html"
            },
            {
              "name": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html",
              "refsource": "CONFIRM",
              "url": "https://www.vmware.com/security/advisories/VMSA-2019-0005.html"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-420/"
            },
            {
              "name": "108443",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108443"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2019-5519",
    "datePublished": "2019-04-01T20:39:47",
    "dateReserved": "2019-01-07T00:00:00",
    "dateUpdated": "2024-08-04T20:01:51.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.1.6\", \"matchCriteriaId\": \"1BEBF6D2-4832-46F0-A0B1-4B47FDCFD6BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndExcluding\": \"11.0.3\", \"matchCriteriaId\": \"D1D88E61-CE5C-467A-A720-F4DCFC248134\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"14.0.0\", \"versionEndExcluding\": \"14.1.7\", \"matchCriteriaId\": \"09B11AFA-BA40-40C7-9F8E-6CB1A7DAE369\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15.0.0\", \"versionEndExcluding\": \"15.0.4\", \"matchCriteriaId\": \"D0F08B22-5048-4A6C-9250-6A3593A4570F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E8861F4-D390-4738-BBF0-9EE4684E9667\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.0:600-201811001:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BC70488-A435-43BE-AEF4-30CBA36CBC03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.0:600-201811401:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B37DC7D-A1C6-468F-A42E-160CE226FF7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBA15143-734D-4889-8B5A-2445A2DDDD4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*\", \"matchCriteriaId\": \"75FAFF86-C65F-4723-8A63-BACE2F797937\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*\", \"matchCriteriaId\": \"DBC31DE3-ACFE-422F-B253-2FE4AAFE3954\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*\", \"matchCriteriaId\": \"B30B3EA4-495F-4915-B6E3-5FB9277C2DE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FA9E337-B4F3-4895-BA58-962F8CDEE73E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*\", \"matchCriteriaId\": \"830B0BC1-A368-49AC-B6C9-B000972EF92A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*\", \"matchCriteriaId\": \"614394F3-3BEE-4E12-AABF-436D54A04313\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*\", \"matchCriteriaId\": \"350FD3CE-8B64-4FCF-82DE-BE941156F4F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9EAE177-6C7E-4C1B-ADEE-2C036F731272\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFFEEC31-8462-4DF9-A1DA-D7057C209CBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*\", \"matchCriteriaId\": \"942DAD67-9455-4D02-BD3B-BFD2DE7A7E52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*\", \"matchCriteriaId\": \"7ACC1A72-F6B6-430A-AB89-AB0A11587F58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*\", \"matchCriteriaId\": \"45111C74-BF6F-4C05-A0D3-CE325AD0C02B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1CE5849-01B1-4E36-83E8-496A3F328C9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*\", \"matchCriteriaId\": \"A879BA05-3A80-4EBC-AA9D-9B53695425B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D65A0E8-A1E0-42F3-B77D-2F32979278BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*\", \"matchCriteriaId\": \"80C10150-39BA-4818-B48F-8645D4A0D316\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*\", \"matchCriteriaId\": \"9792B986-86EF-40E0-9427-A45F858717E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*\", \"matchCriteriaId\": \"37EDD688-C91A-4A35-913A-82E156ADD242\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*\", \"matchCriteriaId\": \"47DA50DA-7CA4-4B76-8B3B-A5732509F71D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*\", \"matchCriteriaId\": \"76EB1A04-0645-4909-AEF9-33D6FADA4793\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1A35723-D968-42D6-89EB-86CA550516E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3AC8A19-F98E-48F1-A1EA-EAA1C7208335\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE1372AD-2853-4BED-BB71-6BACB28B95C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2792D06-A73E-4A56-A152-82E1AD4E707D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDA4AE4C-3BA8-472D-950A-3C8684565CD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*\", \"matchCriteriaId\": \"6AA3617D-B911-4BC5-B544-B31D4F43D2B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*\", \"matchCriteriaId\": \"CDC6E0F6-83DF-4670-8D04-A41C7DC1B881\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*\", \"matchCriteriaId\": \"047A71B3-CDFB-41F3-B2DE-11360DAE5744\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*\", \"matchCriteriaId\": \"F88691FD-F263-4B75-BF21-481BC1623C3C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2A47CDA-D3DD-4E0F-8268-32A188EA1D94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*\", \"matchCriteriaId\": \"36A67476-2E8E-4104-9F10-7AE42F82508F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2283675-582F-44A8-833B-B5B439CBFA1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*\", \"matchCriteriaId\": \"94C4A188-6B00-48C4-B7E2-9F70811BF618\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*\", \"matchCriteriaId\": \"F82943E9-E2D0-49F4-BD32-40E84BA1957E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*\", \"matchCriteriaId\": \"B854BA24-11FD-4D0C-9EFD-A88E64FED4E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*\", \"matchCriteriaId\": \"554434AB-763F-4E95-B616-F7594041D511\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE56E7AC-F63D-4A4B-9B45-0E623973B14B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*\", \"matchCriteriaId\": \"36664142-0111-42F5-A371-AD2C0DF211EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*\", \"matchCriteriaId\": \"49EA78B6-8208-4351-88F9-103CA01EF3A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*\", \"matchCriteriaId\": \"27AC575F-9AC4-4AA1-A71C-BF9F752295F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C0F47F3-0509-45AC-8EA9-37246E4E6095\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE103301-6AEF-4348-8F36-833021739AEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D92B2FF-8962-41F9-B019-D83AAAD188FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E6D5227-3421-412F-9BE0-583AA768446D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*\", \"matchCriteriaId\": \"82BA9EB1-4EFB-4649-92C7-2C307966956E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*\", \"matchCriteriaId\": \"2133378D-8DFD-48B9-83A1-9FA7DDC68902\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*\", \"matchCriteriaId\": \"57BF8703-0C83-4BA5-B0F7-FB6E45229685\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*\", \"matchCriteriaId\": \"DAADDD62-2F6E-4D12-A49F-3D38ACF488E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*\", \"matchCriteriaId\": \"27FA0C0E-B5A2-4619-998B-CFB45496D895\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*\", \"matchCriteriaId\": \"B98EDBA4-0BA4-4894-B6F6-681117A5C5C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E756914-2C2A-4999-AAEA-2F6835A29C49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AC0C89B-26A3-40F7-855F-5F6B36B77F5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BF2FE18-A90E-429A-98D1-9A97DD0464B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*\", \"matchCriteriaId\": \"92289D85-0652-41D1-A6BA-D4B8C7EE1F45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF41887D-B145-4D01-9AEF-2E36479B2FA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FEAF0ED-BD20-4BA6-BB23-1C978B823A11\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*\", \"matchCriteriaId\": \"36234CE1-FA7E-4534-9720-410435E2BAEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*\", \"matchCriteriaId\": \"494E0B07-CE16-46D4-A89B-4F12A6CECDF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD046237-16D7-4A57-9F09-2A6A649368C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*\", \"matchCriteriaId\": \"8343E8DB-1D54-4B82-9254-2E2AFC548609\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.\"}, {\"lang\": \"es\", \"value\": \"VMware ESXi (en las versiones 6.7 anteriores a la ESXi670-201903001, en las 6.5 anteriores a la ESXi650-201903001 y en las 6.0 anteriores a la ESXi600-201903001), Workstation (en las versiones 15.x anteriores a la 15.0.4 y en las 14.x anteriores a la 14.1.7), Fusion (en las versiones 11.x anteriores a la 11.0.3 y en las 10.x anteriores a la 10.1.6) contiene una vulnerabilidad de time-of-check time-of-use (TOCTOU) en la UHCI virtual (Universal Host Controller Interface) de USB 1.1. La explotaci\\u00f3n de este fallo requiere que el atacante tenga acceso a una m\\u00e1quina virtual con un controlador USB virtual presente. Este problema puede permitir que un invitado ejecute c\\u00f3digo en el host\"}]",
      "id": "CVE-2019-5519",
      "lastModified": "2024-11-21T04:45:05.893",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-04-01T21:30:44.000",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/107535\", \"source\": \"security@vmware.com\"}, {\"url\": \"http://www.securityfocus.com/bid/108443\", \"source\": \"security@vmware.com\"}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2019-0005.html\", \"source\": \"security@vmware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-19-420/\", \"source\": \"security@vmware.com\"}, {\"url\": \"http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/107535\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/108443\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.vmware.com/security/advisories/VMSA-2019-0005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-19-420/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@vmware.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-367\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-5519\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2019-04-01T21:30:44.000\",\"lastModified\":\"2024-11-21T04:45:05.893\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.\"},{\"lang\":\"es\",\"value\":\"VMware ESXi (en las versiones 6.7 anteriores a la ESXi670-201903001, en las 6.5 anteriores a la ESXi650-201903001 y en las 6.0 anteriores a la ESXi600-201903001), Workstation (en las versiones 15.x anteriores a la 15.0.4 y en las 14.x anteriores a la 14.1.7), Fusion (en las versiones 11.x anteriores a la 11.0.3 y en las 10.x anteriores a la 10.1.6) contiene una vulnerabilidad de time-of-check time-of-use (TOCTOU) en la UHCI virtual (Universal Host Controller Interface) de USB 1.1. La explotaci\u00f3n de este fallo requiere que el atacante tenga acceso a una m\u00e1quina virtual con un controlador USB virtual presente. Este problema puede permitir que un invitado ejecute c\u00f3digo en el host\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-367\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.1.6\",\"matchCriteriaId\":\"1BEBF6D2-4832-46F0-A0B1-4B47FDCFD6BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.3\",\"matchCriteriaId\":\"D1D88E61-CE5C-467A-A720-F4DCFC248134\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"14.0.0\",\"versionEndExcluding\":\"14.1.7\",\"matchCriteriaId\":\"09B11AFA-BA40-40C7-9F8E-6CB1A7DAE369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15.0.0\",\"versionEndExcluding\":\"15.0.4\",\"matchCriteriaId\":\"D0F08B22-5048-4A6C-9250-6A3593A4570F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E8861F4-D390-4738-BBF0-9EE4684E9667\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.0:600-201811001:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BC70488-A435-43BE-AEF4-30CBA36CBC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.0:600-201811401:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B37DC7D-A1C6-468F-A42E-160CE226FF7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBA15143-734D-4889-8B5A-2445A2DDDD4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*\",\"matchCriteriaId\":\"75FAFF86-C65F-4723-8A63-BACE2F797937\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBC31DE3-ACFE-422F-B253-2FE4AAFE3954\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*\",\"matchCriteriaId\":\"B30B3EA4-495F-4915-B6E3-5FB9277C2DE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FA9E337-B4F3-4895-BA58-962F8CDEE73E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*\",\"matchCriteriaId\":\"830B0BC1-A368-49AC-B6C9-B000972EF92A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*\",\"matchCriteriaId\":\"614394F3-3BEE-4E12-AABF-436D54A04313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*\",\"matchCriteriaId\":\"350FD3CE-8B64-4FCF-82DE-BE941156F4F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9EAE177-6C7E-4C1B-ADEE-2C036F731272\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFFEEC31-8462-4DF9-A1DA-D7057C209CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*\",\"matchCriteriaId\":\"942DAD67-9455-4D02-BD3B-BFD2DE7A7E52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ACC1A72-F6B6-430A-AB89-AB0A11587F58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*\",\"matchCriteriaId\":\"45111C74-BF6F-4C05-A0D3-CE325AD0C02B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1CE5849-01B1-4E36-83E8-496A3F328C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*\",\"matchCriteriaId\":\"A879BA05-3A80-4EBC-AA9D-9B53695425B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D65A0E8-A1E0-42F3-B77D-2F32979278BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*\",\"matchCriteriaId\":\"80C10150-39BA-4818-B48F-8645D4A0D316\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*\",\"matchCriteriaId\":\"9792B986-86EF-40E0-9427-A45F858717E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*\",\"matchCriteriaId\":\"37EDD688-C91A-4A35-913A-82E156ADD242\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*\",\"matchCriteriaId\":\"47DA50DA-7CA4-4B76-8B3B-A5732509F71D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*\",\"matchCriteriaId\":\"76EB1A04-0645-4909-AEF9-33D6FADA4793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1A35723-D968-42D6-89EB-86CA550516E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3AC8A19-F98E-48F1-A1EA-EAA1C7208335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE1372AD-2853-4BED-BB71-6BACB28B95C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2792D06-A73E-4A56-A152-82E1AD4E707D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDA4AE4C-3BA8-472D-950A-3C8684565CD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AA3617D-B911-4BC5-B544-B31D4F43D2B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDC6E0F6-83DF-4670-8D04-A41C7DC1B881\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*\",\"matchCriteriaId\":\"047A71B3-CDFB-41F3-B2DE-11360DAE5744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*\",\"matchCriteriaId\":\"F88691FD-F263-4B75-BF21-481BC1623C3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2A47CDA-D3DD-4E0F-8268-32A188EA1D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*\",\"matchCriteriaId\":\"36A67476-2E8E-4104-9F10-7AE42F82508F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2283675-582F-44A8-833B-B5B439CBFA1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*\",\"matchCriteriaId\":\"94C4A188-6B00-48C4-B7E2-9F70811BF618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*\",\"matchCriteriaId\":\"F82943E9-E2D0-49F4-BD32-40E84BA1957E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*\",\"matchCriteriaId\":\"B854BA24-11FD-4D0C-9EFD-A88E64FED4E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*\",\"matchCriteriaId\":\"554434AB-763F-4E95-B616-F7594041D511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE56E7AC-F63D-4A4B-9B45-0E623973B14B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*\",\"matchCriteriaId\":\"36664142-0111-42F5-A371-AD2C0DF211EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*\",\"matchCriteriaId\":\"49EA78B6-8208-4351-88F9-103CA01EF3A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*\",\"matchCriteriaId\":\"27AC575F-9AC4-4AA1-A71C-BF9F752295F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C0F47F3-0509-45AC-8EA9-37246E4E6095\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE103301-6AEF-4348-8F36-833021739AEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D92B2FF-8962-41F9-B019-D83AAAD188FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E6D5227-3421-412F-9BE0-583AA768446D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*\",\"matchCriteriaId\":\"82BA9EB1-4EFB-4649-92C7-2C307966956E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*\",\"matchCriteriaId\":\"2133378D-8DFD-48B9-83A1-9FA7DDC68902\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*\",\"matchCriteriaId\":\"57BF8703-0C83-4BA5-B0F7-FB6E45229685\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAADDD62-2F6E-4D12-A49F-3D38ACF488E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*\",\"matchCriteriaId\":\"27FA0C0E-B5A2-4619-998B-CFB45496D895\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*\",\"matchCriteriaId\":\"B98EDBA4-0BA4-4894-B6F6-681117A5C5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E756914-2C2A-4999-AAEA-2F6835A29C49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AC0C89B-26A3-40F7-855F-5F6B36B77F5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF2FE18-A90E-429A-98D1-9A97DD0464B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*\",\"matchCriteriaId\":\"92289D85-0652-41D1-A6BA-D4B8C7EE1F45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF41887D-B145-4D01-9AEF-2E36479B2FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEAF0ED-BD20-4BA6-BB23-1C978B823A11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*\",\"matchCriteriaId\":\"36234CE1-FA7E-4534-9720-410435E2BAEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*\",\"matchCriteriaId\":\"494E0B07-CE16-46D4-A89B-4F12A6CECDF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD046237-16D7-4A57-9F09-2A6A649368C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*\",\"matchCriteriaId\":\"8343E8DB-1D54-4B82-9254-2E2AFC548609\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/107535\",\"source\":\"security@vmware.com\"},{\"url\":\"http://www.securityfocus.com/bid/108443\",\"source\":\"security@vmware.com\"},{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2019-0005.html\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-19-420/\",\"source\":\"security@vmware.com\"},{\"url\":\"http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/107535\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/108443\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.vmware.com/security/advisories/VMSA-2019-0005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-19-420/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.