Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310834022HistoryMay 22, 2024 - 12:00 a.m.
VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Windows
2024-05-2200:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
8
vmware workstation
vulnerability
out of bounds
arbitrary code
denial of service
windows
update
CVSS3
8.1
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0
Percentile
9.0%
VMware Workstation is prone to an out of
bounds read/write vulnerability.
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:vmware:workstation";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.834022");
script_version("2024-05-24T19:38:34+0000");
script_cve_id("CVE-2024-22273");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_tag(name:"last_modification", value:"2024-05-24 19:38:34 +0000 (Fri, 24 May 2024)");
script_tag(name:"creation_date", value:"2024-05-22 15:17:45 +0530 (Wed, 22 May 2024)");
script_name("VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Windows");
script_tag(name:"summary", value:"VMware Workstation is prone to an out of
bounds read/write vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
on the target host.");
script_tag(name:"insight", value:"The flaw exists due to an out of bounds
read/write error exists in VMware Workstation.");
script_tag(name:"impact", value:"Successful exploitation allows an attacker
to run arbitrary code and cause denial of service attacks.");
script_tag(name:"affected", value:"VMware Workstation 17.x before 17.5.1 on
Windows.");
script_tag(name:"solution", value:"Update to version 17.5.1 or later.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"registry");
script_xref(name:"URL", value:"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308");
script_copyright("Copyright (C) 2024 Greenbone AG");
script_category(ACT_GATHER_INFO);
script_family("Denial of Service");
script_dependencies("gb_vmware_prdts_detect_win.nasl");
script_mandatory_keys("VMware/Win/Installed");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
exit(0);
vers = infos["version"];
path = infos["location"];
if(vers =~ "^17\." && version_is_less(version:vers, test_version:"17.5.1")) {
report = report_fixed_ver(installed_version:vers, fixed_version:"17.5.1", install_path:path);
security_message(port:0, data:report);
exit(0);
}
exit(99);
Related
vulnrichment
vulnrichment
CVE-2024-22273
2024-05-21 17:29:05
openvas
openvas
VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Linux
2024-05-22 00:00:00
VMware ESXi Out-of-bounds read/write Vulnerability (VMSA-2024-0011)
2024-05-23 00:00:00
cve
cve
CVE-2024-22273
2024-05-21 18:15:08
cvelist
cvelist
CVE-2024-22273
2024-05-21 17:29:05
nvd
nvd
CVE-2024-22273
2024-05-21 18:15:08
nessus
nessus
VMware Fusion 13.0.x < 13.5.1 Multiple Vulnerabilities (VMSA-2024-0011)
2024-08-22 00:00:00
VMware Workstation 17.0.x < 17.5.1 Multiple Vulnerabilities (VMSA-2024-0011)
2024-08-22 00:00:00
CVSS3
8.1
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0
Percentile
9.0%
Related for OPENVAS:1361412562310834022