Lucene search

[email protected]CVE-2014-8370

HistoryJan 29, 2015 - 6:59 p.m.

CVE-2014-8370

2015-01-2918:59:00

CWE-264

[email protected]

web.nvd.nist.gov

vmware

workstation

player

fusion

esxi

cve-2014-8370

os privilege escalation

denial of service

arbitrary write

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

4 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

JSON

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.

Affected configurations

NVD

Node

vmwareplayerMatch6.0

vmwareplayerMatch6.0.1

vmwareplayerMatch6.0.2

vmwareplayerMatch6.0.3

vmwareplayerMatch6.0.4

Node

vmwarefusionMatch6.0

vmwarefusionMatch6.0.1

vmwarefusionMatch6.0.2

vmwarefusionMatch6.0.3

vmwarefusionMatch6.0.4

Node

vmwareworkstationMatch10.0

vmwareworkstationMatch10.0.1

vmwareworkstationMatch10.0.2

vmwareworkstationMatch10.0.3

vmwareworkstationMatch10.0.4

Node

vmwareesxiMatch5.0

vmwareesxiMatch5.01

vmwareesxiMatch5.02

vmwareesxiMatch5.1

vmwareesxiMatch5.11

vmwareesxiMatch5.5

CPENameOperatorVersion
vmware:playervmware playereq6.0
vmware:playervmware playereq6.0.1
vmware:playervmware playereq6.0.2
vmware:playervmware playereq6.0.3
vmware:playervmware playereq6.0.4

CPE	Name	Operator	Version
vmware:player	vmware player	eq	6.0
vmware:player	vmware player	eq	6.0.1
vmware:player	vmware player	eq	6.0.2
vmware:player	vmware player	eq	6.0.3
vmware:player	vmware player	eq	6.0.4