{"containers": {"cna": {"affected": [{"product": "VMware ESXi", "vendor": "VMware", "versions": [{"status": "affected", "version": "6.7 before ESXi670-201904101-SG"}, {"status": "affected", "version": "6.5 before ESXi650-201907101-SG"}]}, {"product": "Workstation", "vendor": "VMware", "versions": [{"status": "affected", "version": "15.x before 15.0.2"}]}, {"product": "Fusion", "vendor": "VMware", "versions": [{"status": "affected", "version": "11.x before 11.0.2"}]}], "descriptions": [{"lang": "en", "value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory."}], "problemTypes": [{"descriptions": [{"description": "Heap overflow vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-25T14:55:33", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2020-3971", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware ESXi", "version": {"version_data": [{"version_value": "6.7 before ESXi670-201904101-SG"}, {"version_value": "6.5 before ESXi650-201907101-SG"}]}}, {"product_name": "Workstation", "version": {"version_data": [{"version_value": "15.x before 15.0.2"}]}}, {"product_name": "Fusion", "version": {"version_data": [{"version_value": "11.x before 11.0.2"}]}}]}, "vendor_name": "VMware"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap overflow vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html", "refsource": "CONFIRM", "url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"}]}}}}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2020-3971", "datePublished": "2020-06-25T14:55:33", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2020-06-25T14:55:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*", "matchCriteriaId": "73EF8C75-E92C-440B-A7C9-5E2E4C6A36F9", "versionEndExcluding": "3.7.2", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", "matchCriteriaId": "1DEC340C-6848-4ABC-8A3E-3E9B80F4B4EC", "versionEndExcluding": "11.0.2", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "matchCriteriaId": "00FC06EC-9846-491F-9FB6-B79C5276F90D", "versionEndExcluding": "15.0.2", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", "matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", "matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", "matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", "matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", "matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*", "matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*", "matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*", "matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*", "matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*", "matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*", "matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*", "matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*", "matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*", "matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*", "matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*", "matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*", "matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*", "matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*", "matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*", "matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*", "matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*", "matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*", "matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*", "matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*", "matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*", "matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*", "matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*", "matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*", "matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*", "matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*", "matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*", "matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*", "matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*", "matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*", "matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*", "matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*", "matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*", "matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*", "matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*", "matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*", "matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*", "matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*", "matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*", "matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*", "matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*", "matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*", "matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*", "matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*", "matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*", "matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*", "matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*", "matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*", "matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*", "matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*", "matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*", "matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*", "matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*", "matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*", "matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*", "matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*", "matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*", "matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*", "matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*", "matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*", "matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*", "matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*", "matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*", "matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*", "matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*", "matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*", "matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*", "matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*", "matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*", "matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*", "matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*", "matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*", "matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*", "matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*", "matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*", "matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*", "matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*", "matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*", "matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*", "matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*", "matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*", "matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*", "matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*", "matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*", "matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*", "matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*", "matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory."}, {"lang": "es", "value": "VMware ESXi (versiones 6.7 anteriores a ESXi670-201904101-SG y versiones 6.5 anteriores a ESXi650-201907101-SG), Workstation (versiones 15.x anteriores a 15.0.2) y Fusion (versiones 11.x anteriores a 11.0.2), contiene una vulnerabilidad de desbordamiento de la pila en el adaptador de red virtual vmxnet3. Un actor malicioso con acceso local a una m\u00e1quina virtual con un adaptador de red vmxnet3 presente puede ser capaz de leer informaci\u00f3n privilegiada contenida en la memoria f\u00edsica"}], "id": "CVE-2020-3971", "lastModified": "2020-07-01T17:43:55.060", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-06-25T15:15:11.507", "references": [{"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}