fkie_cve-2019-5519
Vulnerability from fkie_nvd
Published
2019-04-01 21:30
Modified
2024-11-21 04:45
Summary
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BEBF6D2-4832-46F0-A0B1-4B47FDCFD6BE",
                     versionEndExcluding: "10.1.6",
                     versionStartIncluding: "10.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1D88E61-CE5C-467A-A720-F4DCFC248134",
                     versionEndExcluding: "11.0.3",
                     versionStartIncluding: "11.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "09B11AFA-BA40-40C7-9F8E-6CB1A7DAE369",
                     versionEndExcluding: "14.1.7",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0F08B22-5048-4A6C-9250-6A3593A4570F",
                     versionEndExcluding: "15.0.4",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "3E8861F4-D390-4738-BBF0-9EE4684E9667",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201811001:*:*:*:*:*:*",
                     matchCriteriaId: "0BC70488-A435-43BE-AEF4-30CBA36CBC03",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.0:600-201811401:*:*:*:*:*:*",
                     matchCriteriaId: "2B37DC7D-A1C6-468F-A42E-160CE226FF7D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
                     matchCriteriaId: "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
                     matchCriteriaId: "75FAFF86-C65F-4723-8A63-BACE2F797937",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
                     matchCriteriaId: "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
                     matchCriteriaId: "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
                     matchCriteriaId: "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
                     matchCriteriaId: "830B0BC1-A368-49AC-B6C9-B000972EF92A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
                     matchCriteriaId: "614394F3-3BEE-4E12-AABF-436D54A04313",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
                     matchCriteriaId: "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
                     matchCriteriaId: "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
                     matchCriteriaId: "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
                     matchCriteriaId: "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
                     matchCriteriaId: "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
                     matchCriteriaId: "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
                     matchCriteriaId: "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
                     matchCriteriaId: "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
                     matchCriteriaId: "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
                     matchCriteriaId: "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
                     matchCriteriaId: "80C10150-39BA-4818-B48F-8645D4A0D316",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
                     matchCriteriaId: "9792B986-86EF-40E0-9427-A45F858717E1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
                     matchCriteriaId: "37EDD688-C91A-4A35-913A-82E156ADD242",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
                     matchCriteriaId: "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
                     matchCriteriaId: "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
                     matchCriteriaId: "76EB1A04-0645-4909-AEF9-33D6FADA4793",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
                     matchCriteriaId: "F1A35723-D968-42D6-89EB-86CA550516E6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
                     matchCriteriaId: "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
                     matchCriteriaId: "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
                     matchCriteriaId: "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
                     matchCriteriaId: "B2792D06-A73E-4A56-A152-82E1AD4E707D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
                     matchCriteriaId: "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
                     matchCriteriaId: "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
                     matchCriteriaId: "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
                     matchCriteriaId: "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
                     matchCriteriaId: "F88691FD-F263-4B75-BF21-481BC1623C3C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
                     matchCriteriaId: "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
                     matchCriteriaId: "36A67476-2E8E-4104-9F10-7AE42F82508F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
                     matchCriteriaId: "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
                     matchCriteriaId: "E2283675-582F-44A8-833B-B5B439CBFA1E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
                     matchCriteriaId: "94C4A188-6B00-48C4-B7E2-9F70811BF618",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
                     matchCriteriaId: "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
                     matchCriteriaId: "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
                     matchCriteriaId: "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
                     matchCriteriaId: "554434AB-763F-4E95-B616-F7594041D511",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
                     matchCriteriaId: "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
                     matchCriteriaId: "36664142-0111-42F5-A371-AD2C0DF211EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
                     matchCriteriaId: "49EA78B6-8208-4351-88F9-103CA01EF3A1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
                     matchCriteriaId: "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
                     matchCriteriaId: "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
                     matchCriteriaId: "CE103301-6AEF-4348-8F36-833021739AEF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
                     matchCriteriaId: "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
                     matchCriteriaId: "8E6D5227-3421-412F-9BE0-583AA768446D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
                     matchCriteriaId: "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
                     matchCriteriaId: "82BA9EB1-4EFB-4649-92C7-2C307966956E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
                     matchCriteriaId: "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
                     matchCriteriaId: "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
                     matchCriteriaId: "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
                     matchCriteriaId: "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
                     matchCriteriaId: "27FA0C0E-B5A2-4619-998B-CFB45496D895",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
                     matchCriteriaId: "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
                     matchCriteriaId: "8E756914-2C2A-4999-AAEA-2F6835A29C49",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
                     matchCriteriaId: "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
                     matchCriteriaId: "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
                     matchCriteriaId: "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
                     matchCriteriaId: "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
                     matchCriteriaId: "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
                     matchCriteriaId: "36234CE1-FA7E-4534-9720-410435E2BAEE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
                     matchCriteriaId: "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
                     matchCriteriaId: "DD046237-16D7-4A57-9F09-2A6A649368C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
                     matchCriteriaId: "8343E8DB-1D54-4B82-9254-2E2AFC548609",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.",
      },
      {
         lang: "es",
         value: "VMware ESXi (en las versiones 6.7 anteriores a la ESXi670-201903001, en las 6.5 anteriores a la ESXi650-201903001 y en las 6.0 anteriores a la ESXi600-201903001), Workstation (en las versiones 15.x anteriores a la 15.0.4 y en las 14.x anteriores a la 14.1.7), Fusion (en las versiones 11.x anteriores a la 11.0.3 y en las 10.x anteriores a la 10.1.6) contiene una vulnerabilidad de time-of-check time-of-use (TOCTOU) en la UHCI virtual (Universal Host Controller Interface) de USB 1.1. La explotación de este fallo requiere que el atacante tenga acceso a una máquina virtual con un controlador USB virtual presente. Este problema puede permitir que un invitado ejecute código en el host",
      },
   ],
   id: "CVE-2019-5519",
   lastModified: "2024-11-21T04:45:05.893",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "HIGH",
               baseScore: 6.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 0.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-04-01T21:30:44.000",
   references: [
      {
         source: "security@vmware.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html",
      },
      {
         source: "security@vmware.com",
         url: "http://www.securityfocus.com/bid/107535",
      },
      {
         source: "security@vmware.com",
         url: "http://www.securityfocus.com/bid/108443",
      },
      {
         source: "security@vmware.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.vmware.com/security/advisories/VMSA-2019-0005.html",
      },
      {
         source: "security@vmware.com",
         url: "https://www.zerodayinitiative.com/advisories/ZDI-19-420/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/152290/VMware-Security-Advisory-2019-0005.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/107535",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/108443",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.vmware.com/security/advisories/VMSA-2019-0005.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.zerodayinitiative.com/advisories/ZDI-19-420/",
      },
   ],
   sourceIdentifier: "security@vmware.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-367",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.