CVE-2012-1518

CWE-2643 documents3 sources

Severity

8.3HIGH

EPSS

0.9%

top 24.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware ESX Vmware Esxi Vmware Fusion +2 more

Timeline

PublishedApr 17

Latest updateMay 14

Description

VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors.

CVSS vector

AV:A/AC:L/C:C/I:C/A:CExploitability: 6.5 | Impact: 10.0

Affected Packages5 packages

▶NVDvmware/esxi4 versions+3

▶NVDvmware/fusion5 versions+4

▶NVDvmware/player4.0, 4.0.1, 4.0.2+2

▶NVDvmware/workstation8.0, 8.0.1+1

▶NVDvmware/esx3.5, 4.0, 4.1+2

🔴Vulnerability Details

GHSA

GHSA-4vv7-8gg7-f95h: VMware Workstation 8↗2022-05-14

▶

CVEList

CVE-2012-1518: VMware Workstation 8↗2012-04-17

▶