Lucene search

[email protected]NVD:CVE-2020-3971

HistoryJun 25, 2020 - 3:15 p.m.

CVE-2020-3971

2020-06-2515:15:11

CWE-787

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.

Affected configurations

Nvd

Node

vmwarecloud_foundationRange3.0–3.7.2

vmwarefusionRange11.0.0–11.0.2

vmwareworkstationRange15.0.0–15.0.2

vmwareesxiMatch6.5-

vmwareesxiMatch6.5650-201701001

vmwareesxiMatch6.5650-201703001

vmwareesxiMatch6.5650-201703002

vmwareesxiMatch6.5650-201704001

vmwareesxiMatch6.5650-201707101

vmwareesxiMatch6.5650-201707102

vmwareesxiMatch6.5650-201707103

vmwareesxiMatch6.5650-201707201

vmwareesxiMatch6.5650-201707202

vmwareesxiMatch6.5650-201707203

vmwareesxiMatch6.5650-201707204

vmwareesxiMatch6.5650-201707205

vmwareesxiMatch6.5650-201707206

vmwareesxiMatch6.5650-201707207

vmwareesxiMatch6.5650-201707208

vmwareesxiMatch6.5650-201707209

vmwareesxiMatch6.5650-201707210

vmwareesxiMatch6.5650-201707211

vmwareesxiMatch6.5650-201707212

vmwareesxiMatch6.5650-201707213

vmwareesxiMatch6.5650-201707214

vmwareesxiMatch6.5650-201707215

vmwareesxiMatch6.5650-201707216

vmwareesxiMatch6.5650-201707217

vmwareesxiMatch6.5650-201707218

vmwareesxiMatch6.5650-201707219

vmwareesxiMatch6.5650-201707220

vmwareesxiMatch6.5650-201707221

vmwareesxiMatch6.5650-201710001

vmwareesxiMatch6.5650-201712001

vmwareesxiMatch6.5650-201803001

vmwareesxiMatch6.5650-201806001

vmwareesxiMatch6.5650-201808001

vmwareesxiMatch6.5650-201810001

vmwareesxiMatch6.5650-201810002

vmwareesxiMatch6.5650-201811001

vmwareesxiMatch6.5650-201811002

vmwareesxiMatch6.5650-201811301

vmwareesxiMatch6.5650-201901001

vmwareesxiMatch6.5650-201903001

vmwareesxiMatch6.5650-201905001

vmwareesxiMatch6.7-

vmwareesxiMatch6.7670-201806001

vmwareesxiMatch6.7670-201807001

vmwareesxiMatch6.7670-201808001

vmwareesxiMatch6.7670-201810001

vmwareesxiMatch6.7670-201810101

vmwareesxiMatch6.7670-201810102

vmwareesxiMatch6.7670-201810103

vmwareesxiMatch6.7670-201810201

vmwareesxiMatch6.7670-201810202

vmwareesxiMatch6.7670-201810203

vmwareesxiMatch6.7670-201810204

vmwareesxiMatch6.7670-201810205

vmwareesxiMatch6.7670-201810206

vmwareesxiMatch6.7670-201810207

vmwareesxiMatch6.7670-201810208

vmwareesxiMatch6.7670-201810209

vmwareesxiMatch6.7670-201810210

vmwareesxiMatch6.7670-201810211

vmwareesxiMatch6.7670-201810212

vmwareesxiMatch6.7670-201810213

vmwareesxiMatch6.7670-201810214

vmwareesxiMatch6.7670-201810215

vmwareesxiMatch6.7670-201810216

vmwareesxiMatch6.7670-201810217

vmwareesxiMatch6.7670-201810218

vmwareesxiMatch6.7670-201810219

vmwareesxiMatch6.7670-201810220

vmwareesxiMatch6.7670-201810221

vmwareesxiMatch6.7670-201810222

vmwareesxiMatch6.7670-201810223

vmwareesxiMatch6.7670-201810224

vmwareesxiMatch6.7670-201810225

vmwareesxiMatch6.7670-201810226

vmwareesxiMatch6.7670-201810227

vmwareesxiMatch6.7670-201810228

vmwareesxiMatch6.7670-201810229

vmwareesxiMatch6.7670-201810230

vmwareesxiMatch6.7670-201810231

vmwareesxiMatch6.7670-201810232

vmwareesxiMatch6.7670-201810233

vmwareesxiMatch6.7670-201810234

vmwareesxiMatch6.7670-201811001

vmwareesxiMatch6.7670-201901001

vmwareesxiMatch6.7670-201901401

vmwareesxiMatch6.7670-201901402

vmwareesxiMatch6.7670-201901403

vmwareesxiMatch6.7670-201903001

vmwareesxiMatch6.7670-201904001

VendorProductVersionCPE
vmwarecloud_foundation*cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
vmwarefusion*cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*
vmwareworkstation*cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*
vmwareesxi6.5cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*
vmwareesxi6.5cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*
vmwareesxi6.5cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*
vmwareesxi6.5cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*
vmwareesxi6.5cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*
vmwareesxi6.5cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*
vmwareesxi6.5cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*

Vendor	Product	Version	CPE
vmware	cloud_foundation	*	cpe:2.3:a:vmware:cloud_foundation::::::::
vmware	fusion	*	cpe:2.3:a:vmware:fusion::::::::
vmware	workstation	*	cpe:2.3:a:vmware:workstation::::::::
vmware	esxi	6.5	cpe:2.3:o:vmware:esxi:6.5:-::::::
vmware	esxi	6.5	cpe:2.3:o:vmware:esxi:6.5:650-201701001::::::
vmware	esxi	6.5	cpe:2.3:o:vmware:esxi:6.5:650-201703001::::::
vmware	esxi	6.5	cpe:2.3:o:vmware:esxi:6.5:650-201703002::::::
vmware	esxi	6.5	cpe:2.3:o:vmware:esxi:6.5:650-201704001::::::
vmware	esxi	6.5	cpe:2.3:o:vmware:esxi:6.5:650-201707101::::::
vmware	esxi	6.5	cpe:2.3:o:vmware:esxi:6.5:650-201707102::::::

Rows per page:

1-10 of 941

References

www.vmware.com/security/advisories/VMSA-2020-0015.html

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2020-3971

prion1 cve1 cvelist1 kaspersky1 nessus1 vmware1