Vulnerability Description
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Player | 6.0 |
| Vmware | Fusion | 6.0 |
| Vmware | Workstation | 10.0 |
| Vmware | Esxi | 5.0 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN88252465/index.htmlThird Party AdvisoryVDB Entry
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/62551
- http://secunia.com/advisories/62605
- http://secunia.com/advisories/62669
- http://www.securityfocus.com/bid/72338Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031642Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031643Third Party AdvisoryVDB Entry
- http://www.vmware.com/security/advisories/VMSA-2015-0001.htmlPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100933
- http://jvn.jp/en/jp/JVN88252465/index.htmlThird Party AdvisoryVDB Entry
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/62551
- http://secunia.com/advisories/62605
- http://secunia.com/advisories/62669
FAQ
What is CVE-2014-8370?
CVE-2014-8370 is a vulnerability with a CVSS score of 6.4 (MEDIUM). VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial ...
How severe is CVE-2014-8370?
CVE-2014-8370 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8370?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Player, Vmware Fusion, Vmware Workstation, Vmware Esxi.