CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
100.0%
Multiple serious vulnerabilities have been found in VMware products. Malicious users can exploit these vulnerabilities to gain privileges or cause denial of service.
Below is a complete list of vulnerabilities
Public exploits exist for this vulnerability.
VMware-vCenter-Converter-Standalone
CVE-2014-3566 warning
CVE-2014-3568 warning
CVE-2014-3660 warning
CVE-2015-1043 warning
CVE-2015-1044 warning
CVE-2014-3513 high
CVE-2014-3567 high
CVE-2014-8370 high
Update to latest version
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.
statistics.securelist.com/
threats.kaspersky.com/en/product/VMware-Fusion/
threats.kaspersky.com/en/product/VMware-Player/
threats.kaspersky.com/en/product/VMware-Server/
threats.kaspersky.com/en/product/VMware-vCenter-Converter-Standalone/
threats.kaspersky.com/en/product/VMware-vSphere-Client/
threats.kaspersky.com/en/product/VMware-Workstation/
www.vmware.com/security/advisories/VMSA-2015-0001
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
100.0%