Vulnerability Description
VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine trigger a denial-of-Service of their guest machine.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Fusion | >= 10.0, < 10.1.2 |
| Vmware | Workstation | >= 14.0, < 14.1.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104237Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040957Third Party AdvisoryVDB Entry
- https://www.vmware.com/security/advisories/VMSA-2018-0013.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/104237Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040957Third Party AdvisoryVDB Entry
- https://www.vmware.com/security/advisories/VMSA-2018-0013.htmlPatchVendor Advisory
FAQ
What is CVE-2018-6963?
CVE-2018-6963 is a vulnerability with a CVSS score of 5.5 (MEDIUM). VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Success...
How severe is CVE-2018-6963?
CVE-2018-6963 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6963?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Fusion, Vmware Workstation.