CVE-2014-8370

high

Description

VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/100933

http://www.vmware.com/security/advisories/VMSA-2015-0001.html

http://www.securitytracker.com/id/1031643

http://www.securitytracker.com/id/1031642

http://www.securityfocus.com/bid/72338

http://secunia.com/advisories/62669

http://secunia.com/advisories/62605

http://secunia.com/advisories/62551

http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007

http://jvn.jp/en/jp/JVN88252465/index.html

Details

Source: Mitre, NVD

Published: 2015-01-29

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High