← Back

CVE-2017-4905

nvd nist
Published: Jun 7, 2017Modified: May 13, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.

Affected (17)

Vmware
5 products
Fusion
Fusion Pro
Esxi
Workstation Player
Workstation Pro
Configuration A
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Fusion
From 8.0.0 to 8.5.6
Fusion Pro
From 8.0.0 to 8.5.6
Running on/withPlatform Versions
Apple
Mac Os X
All versions
Configuration B
15 vulnerable
Vulnerable SoftwareAffected Versions
Vmware
Esxi
Version 5.5
Esxi
Version 5.5 1
Esxi
Version 5.5 2
Esxi
Version 5.5 3a
Esxi
Version 5.5 3b
Esxi
Version 6.0
Esxi
Version 6.0 1
Esxi
Version 6.0 1a
Esxi
Version 6.0 1b
Esxi
Version 6.0 2
Esxi
Version 6.0 3
Esxi
Version 6.0 3a
Esxi
Version 6.5
Workstation Player
From 12.0.0 to 12.5.5
Workstation Pro
From 12.0.0 to 12.5.5

Related CWEs

CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.

References (8)

Source: security@vmware.com
Third Party AdvisoryVDB Entry
Source: security@vmware.com
Third Party AdvisoryVDB Entry
Source: security@vmware.com
Third Party AdvisoryVDB Entry
Source: security@vmware.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.