Detections
Analytics
ESXi 5.5 < Build 6480267 RPC NULL Pointer Dereference Vulnerability (VMSA-2017-0015) (remote check)
medium Nessus Plugin ID 103375
Language:
Synopsis
The remote VMware ESXi 5.5 host is affected by an RPC NULL pointer dereference vulnerability.Description
The version of the remote VMware ESXi 5.5 host is prior to build 6480267. It is, therefore, affected by a NULL pointer dereference vulnerability related to handling RPC requests that could allow an attacker to crash a virtual machine.Solution
Apply patch ESXi550-201709101-SG according to the vendor advisory.See Also
https://www.vmware.com/security/advisories/VMSA-2017-0015.html
Plugin Details
Severity: Medium
ID: 103375
File Name: vmware_esxi_5_5_build_6480267_remote.nasl
Version: 3.7
Type: remote
Family: Misc.
Published: 9/21/2017
Updated: 11/12/2019
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Low
Base Score: 2.1
Temporal Score: 1.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2017-4925
CVSS v3
Risk Factor: Medium
Base Score: 5.5
Temporal Score: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:vmware:esxi:5.5
Required KB Items: Host/VMware/release, Host/VMware/version
Exploit Ease: No known exploits are available
Patch Publication Date: 9/14/2017
Vulnerability Publication Date: 9/14/2017
Reference Information
CVE: CVE-2017-4925
BID: 100842
VMSA: 2017-0015