Vulnerability Details CVE-2017-4938
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 2.1
References
Products affected by CVE-2017-4938
-
cpe:2.3:a:vmware:fusion:8.0.0
-
cpe:2.3:a:vmware:fusion:8.0.1
-
cpe:2.3:a:vmware:fusion:8.0.2
-
cpe:2.3:a:vmware:fusion:8.1.0
-
cpe:2.3:a:vmware:fusion:8.1.1
-
cpe:2.3:a:vmware:fusion:8.5.0
-
cpe:2.3:a:vmware:fusion:8.5.1
-
cpe:2.3:a:vmware:fusion:8.5.2
-
cpe:2.3:a:vmware:fusion:8.5.3
-
cpe:2.3:a:vmware:fusion:8.5.4
-
cpe:2.3:a:vmware:fusion:8.5.5
-
cpe:2.3:a:vmware:fusion:8.5.6
-
cpe:2.3:a:vmware:fusion:8.5.7
-
cpe:2.3:a:vmware:fusion:8.5.8
-
cpe:2.3:a:vmware:workstation:12.0.0
-
cpe:2.3:a:vmware:workstation:12.0.1
-
cpe:2.3:a:vmware:workstation:12.1
-
cpe:2.3:a:vmware:workstation:12.1.1
-
cpe:2.3:a:vmware:workstation:12.5
-
cpe:2.3:a:vmware:workstation:12.5.1
-
cpe:2.3:a:vmware:workstation:12.5.2
-
cpe:2.3:a:vmware:workstation:12.5.3
-
cpe:2.3:a:vmware:workstation:12.5.4
-
cpe:2.3:a:vmware:workstation:12.5.5
-
cpe:2.3:a:vmware:workstation:12.5.6
-
cpe:2.3:a:vmware:workstation:12.5.7