Vulnerability Details CVE-2014-8370
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.3%
CVSS Severity
CVSS v2 Score 6.4
References
- http://jvn.jp/en/jp/JVN88252465/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007
- http://secunia.com/advisories/62551
- http://secunia.com/advisories/62605
- http://secunia.com/advisories/62669
- http://www.securityfocus.com/bid/72338
- http://www.securitytracker.com/id/1031642
- http://www.securitytracker.com/id/1031643
- http://www.vmware.com/security/advisories/VMSA-2015-0001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100933
- http://jvn.jp/en/jp/JVN88252465/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007
- http://secunia.com/advisories/62551
- http://secunia.com/advisories/62605
- http://secunia.com/advisories/62669
- http://www.securityfocus.com/bid/72338
- http://www.securitytracker.com/id/1031642
- http://www.securitytracker.com/id/1031643
- http://www.vmware.com/security/advisories/VMSA-2015-0001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100933
Products affected by CVE-2014-8370
-
cpe:2.3:a:vmware:fusion:6.0
-
cpe:2.3:a:vmware:fusion:6.0.1
-
cpe:2.3:a:vmware:fusion:6.0.2
-
cpe:2.3:a:vmware:fusion:6.0.3
-
cpe:2.3:a:vmware:fusion:6.0.4
-
cpe:2.3:a:vmware:player:6.0
-
cpe:2.3:a:vmware:player:6.0.1
-
cpe:2.3:a:vmware:player:6.0.2
-
cpe:2.3:a:vmware:player:6.0.3
-
cpe:2.3:a:vmware:player:6.0.4
-
cpe:2.3:a:vmware:workstation:10.0
-
cpe:2.3:a:vmware:workstation:10.0.1
-
cpe:2.3:a:vmware:workstation:10.0.2
-
cpe:2.3:a:vmware:workstation:10.0.3
-
cpe:2.3:a:vmware:workstation:10.0.4
-
cpe:2.3:o:vmware:esxi:5.0
-
cpe:2.3:o:vmware:esxi:5.1
-
cpe:2.3:o:vmware:esxi:5.5