Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2018-6982

Published: 04/12/2018 Updated: 03/02/2022
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Subscribe to Vmware

Vulnerability Summary

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vmware workstation

vmware workstation 15.0.0

vmware fusion

vmware fusion 11.0.0

vmware esxi 6.0

vmware esxi 6.5

vmware esxi 6.7

Github Repositories

https://github.com/my4andle/vmxnet3Hunter

Use this tool to prioritize cluster patching for the recent VMware advisory VMSA-2018-0027 related to CVE-2018-6981 and CVE-2018-6982.

Limitation Script does not currently identify which ESXi systems have been patched, and merely relies on major and minor revision numbrer to determine if the hypervisor is vulnerable If required we can check patches but this tool will live and die over a short periord of time so it isn't worth the effort Description: This tool enables operations teams to quickly identif

https://github.com/heaphopopotamus/vmxnet3Hunter

Use this tool to prioritize cluster patching for the recent VMware advisory VMSA-2018-0027 related to CVE-2018-6981 and CVE-2018-6982.

Limitation Script does not currently identify which ESXi systems have been patched, and merely relies on major and minor revision numbrer to determine if the hypervisor is vulnerable If required we can check patches but this tool will live and die over a short periord of time so it isn't worth the effort Description: This tool enables operations teams to quickly identif

https://github.com/siovador/vmxnet3Hunter

Use this tool to prioritize cluster patching for the recent VMware advisory VMSA-2018-0027 related to CVE-2018-6981 and CVE-2018-6982.

Limitation Script does not currently identify which ESXi systems have been patched, and merely relies on major and minor revision numbrer to determine if the hypervisor is vulnerable If required we can check patches but this tool will live and die over a short periord of time so it isn't worth the effort Description: This tool enables operations teams to quickly identif

References

CWE-908https://www.vmware.com/security/advisories/VMSA-2018-0027.htmlhttp://www.securitytracker.com/id/1042055http://www.securityfocus.com/bid/105882https://nvd.nist.govhttps://github.com/my4andle/vmxnet3Hunter
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook