CVE-2020-3999 - OpenCVE

VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Vmware	Workstation Fusion Esxi
Apple	Mac Os X

Configuration 1 [-]

OR	cpe:2.3:a:vmware:workstation::::::::
	cpe:2.3:o:vmware:esxi::::::::

Configuration 2 [-]

AND

cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.vmware.com/security/advisories/VMSA-2020-0029.html	Patch Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: vmware

Published: 2020-12-21T15:14:08

Updated: 2020-12-21T15:14:08

Reserved: 2019-12-30T00:00:00

Link: CVE-2020-3999

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-12-21T16:15:13.177

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-3999

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "VMware ESXi, VMware Workstation,VMware Fusion and VMware Cloud Foundation", "vendor": "n/a", "versions": [{"status": "affected", "version": "VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7)and VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7)"}]}], "descriptions": [{"lang": "en", "value": "VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition."}], "problemTypes": [{"descriptions": [{"description": "Denial-of-Service Vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-12-21T15:14:08", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0029.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2020-3999", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware ESXi, VMware Workstation,VMware Fusion and VMware Cloud Foundation", "version": {"version_data": [{"version_value": "VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7)and VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7)"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial-of-Service Vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2020-0029.html", "refsource": "MISC", "url": "https://www.vmware.com/security/advisories/VMSA-2020-0029.html"}]}}}}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2020-3999", "datePublished": "2020-12-21T15:14:08", "dateReserved": "2019-12-30T00:00:00", "dateUpdated": "2020-12-21T15:14:08", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "matchCriteriaId": "22C19FF0-3E38-4717-9044-092EF9C4C486", "versionEndExcluding": "15.5.7", "versionStartIncluding": "15.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DEBACF7-C086-4222-A9E2-EBFFAFF5DA8B", "versionEndExcluding": "esxi70u1c-17325551", "versionStartIncluding": "7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*", "matchCriteriaId": "142A21C9-7071-4191-B8FC-F8955A40DBD9", "versionEndExcluding": "11.5.7", "versionStartIncluding": "11.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition."}, {"lang": "es", "value": "VMware ESXi (versiones 7.0 anteriores a ESXi70U1c-17325551), VMware Workstation (versiones 16.x anteriores a 16.0 y versiones 15.x anteriores a 15.5.7), VMware Fusion (versiones 12.x anteriores a 12.0 y versiones 11.x anteriores a 11.5.7) y VMware Cloud Foundation contienen una vulnerabilidad de denegaci\u00f3n de servicio debido a una comprobaci\u00f3n inapropiada de la entrada en GuestInfo. Un actor malicioso con acceso privilegiado de usuario normal para una m\u00e1quina virtual puede bloquear el proceso vmx de la m\u00e1quina virtual y causar una condici\u00f3n de denegaci\u00f3n de servicio"}], "id": "CVE-2020-3999", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-21T16:15:13.177", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2020-0029.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}