Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2018-6981

Published: 04/12/2018 Updated: 03/02/2022
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Vmware

Vulnerability Summary

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vmware workstation 15.0.0

vmware workstation

vmware fusion 11.0.0

vmware fusion

vmware esxi 6.0

vmware esxi 6.5

vmware esxi 6.7

Github Repositories

https://github.com/my4andle/vmxnet3Hunter

Use this tool to prioritize cluster patching for the recent VMware advisory VMSA-2018-0027 related to CVE-2018-6981 and CVE-2018-6982.

Limitation Script does not currently identify which ESXi systems have been patched, and merely relies on major and minor revision numbrer to determine if the hypervisor is vulnerable If required we can check patches but this tool will live and die over a short periord of time so it isn't worth the effort Description: This tool enables operations teams to quickly identif

https://github.com/heaphopopotamus/vmxnet3Hunter

Use this tool to prioritize cluster patching for the recent VMware advisory VMSA-2018-0027 related to CVE-2018-6981 and CVE-2018-6982.

Limitation Script does not currently identify which ESXi systems have been patched, and merely relies on major and minor revision numbrer to determine if the hypervisor is vulnerable If required we can check patches but this tool will live and die over a short periord of time so it isn't worth the effort Description: This tool enables operations teams to quickly identif

https://github.com/siovador/vmxnet3Hunter

Use this tool to prioritize cluster patching for the recent VMware advisory VMSA-2018-0027 related to CVE-2018-6981 and CVE-2018-6982.

Limitation Script does not currently identify which ESXi systems have been patched, and merely relies on major and minor revision numbrer to determine if the hypervisor is vulnerable If required we can check patches but this tool will live and die over a short periord of time so it isn't worth the effort Description: This tool enables operations teams to quickly identif

References

CWE-908https://www.vmware.com/security/advisories/VMSA-2018-0027.htmlhttp://www.securitytracker.com/id/1042055http://www.securitytracker.com/id/1042054http://www.securityfocus.com/bid/105881https://nvd.nist.govhttps://github.com/my4andle/vmxnet3Hunter
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook