CVE-2015-6933

CWE-284 — Improper Access Control3 documents3 sources

Severity

6.3MEDIUM

EPSS

1.8%

top 17.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Esxi Vmware Fusion Vmware Player +1 more

Timeline

PublishedJan 9

Latest updateMay 17

Description

The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages4 packages

▶NVDvmware/esxi4 versions+3

▶NVDvmware/fusion7.0, 7.1, 7.1.1+2

▶NVDvmware/player7.0, 7.1, 7.1.1+2

▶NVDvmware/workstation11.0, 11.1, 11.1.1+2

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-gh38-v7fv-5hxj: The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11↗2022-05-17

▶

CVEList

CVE-2015-6933: The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11↗2016-01-09

▶