Home
MEDIUM: 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HDefault status
unaffected
8.0 (custom) before ESXi80U3se-24659227
affected
7.0 (custom) before ESXi70U3sv-24723868
affected
Default status
unaffected
5.x, 4.5.x
affected
Default status
unaffected
5.x, 4.x, 3.x, 2.x
affected
Default status
unaffected
3.x, 2.x
affected
Default status
unaffected
17.x (custom) before 17.6.3
affected
Default status
unaffected
13.x (custom) before 13.6.3
affected
Description
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.
Problem types
CWE-400 Uncontrolled Resource Consumption
Product status
8.0 (custom) before ESXi80U3se-24659227
7.0 (custom) before ESXi70U3sv-24723868
5.x, 4.5.x
5.x, 4.x, 3.x, 2.x
3.x, 2.x
17.x (custom) before 17.6.3
13.x (custom) before 13.6.3
References
support.broadcom.com/...l/content/SecurityAdvisories/0/25717