VMware ESXi 7.0.0 b

CPE Details

VMware ESXi 7.0.0 b
vmware
esxi
7.0.0
2021-02-26
11h13 +00:00
2021-05-28
14h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:vmware:esxi:7.0.0:b:*:*:*:*:*:*

Informations

Vendor

vmware

Product

esxi

Version

7.0.0

Update

b

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-22252 2024-03-05 17h57 +00:00 VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
9.3
Critical
CVE-2021-21974 2021-02-24 15h57 +00:00 OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.
8.8
High
CVE-2020-3999 2020-12-21 14h14 +00:00 VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition.
6.5
Medium