Home
MEDIUM: 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HDefault status
unaffected
8.0 (custom) before ESXi80U3se-24659227
affected
7.0 (custom) before ESXi70U3sv-24723868
affected
Default status
unaffected
5.x, 4.5.x
affected
Default status
unaffected
5.x, 4.x, 3.x, 2.x
affected
Default status
unaffected
3.x, 2.x
affected
Description
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.
Problem types
CWE-400 Uncontrolled Resource Consumption
Product status
8.0 (custom) before ESXi80U3se-24659227
7.0 (custom) before ESXi70U3sv-24723868
5.x, 4.5.x
5.x, 4.x, 3.x, 2.x
3.x, 2.x
References
support.broadcom.com/...l/content/SecurityAdvisories/0/25717