Vulnerability Description
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Workstation Pro | >= 14.0, < 14.1.1 |
| Vmware | Workstation Player | >= 14.0, < 14.1.1 |
| Vmware | Fusion | 8.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103431Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040539Third Party AdvisoryVDB Entry
- https://www.vmware.com/security/advisories/VMSA-2018-0008.htmlVendor Advisory
- http://www.securityfocus.com/bid/103431Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040539Third Party AdvisoryVDB Entry
- https://www.vmware.com/security/advisories/VMSA-2018-0008.htmlVendor Advisory
FAQ
What is CVE-2018-6957?
CVE-2018-6957 is a vulnerability with a CVSS score of 5.3 (MEDIUM). VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: ...
How severe is CVE-2018-6957?
CVE-2018-6957 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6957?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Workstation Pro, Vmware Workstation Player, Vmware Fusion.