Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA61502
HistoryOct 20, 2023 - 12:00 a.m.

KLA61502 OSI vulnerability in VMWare Workstation

2023-10-2000:00:00
Kaspersky Lab
threats.kaspersky.com
17
vmware
vulnerability
information disclosure
update
vmsa-2023-0022
osi
cve-2023-34044

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0

Percentile

15.9%

JSON

Information disclosure vulnerability was found in VMWare Workstation. Malicious users can exploit this vulnerability to obtain sensitive information.

Original advisories

VMSA-2023-0022

Related products

VMware-Workstation

CVE list

CVE-2023-34044 high

Solution

Update to the latest version

Download VMware Workstation

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

  • VMware Workstation 17.x earlier than 17.5.0

Related

cvelist 1
prion 1
nvd 1
zdi 1
nessus 2
cve 1
vmware 1
cvelist
cvelist
CVE-2023-34044 Information disclosure vulnerability in bluetooth device-sharing functionality
2023-10-20 08:56:53
prion
prion
Out-of-bounds
2023-10-20 09:15:00
nvd
nvd
CVE-2023-34044
2023-10-20 09:15:12
zdi
zdi
VMware Workstation UHCI Uninitialized Variable Information Disclosure Vulnerability
2023-11-06 00:00:00
nessus
nessus
VMware Workstation 17.0.x < 17.5 Information Disclosure (VMSA-2023-0022)
2023-10-26 00:00:00
VMware Fusion 13.0.x < 13.5 Multiple Vulnerabilities (VMSA-2023-0022)
2023-10-26 00:00:00
cve
cve
CVE-2023-34044
2023-10-20 09:15:12
vmware
vmware
VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities (CVE-2023-34044, CVE-2023-34045, CVE-2023-34046)
2023-10-19 00:00:00

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

AI Score

6.3

Confidence

High

EPSS

0

Percentile

15.9%

JSON
Related for KLA61502
cvelist1prion1nvd1zdi1nessus2cve1vmware1