CVE-2015-6933

MEDIUM

Vmware Player - Improper Access Control

Title source: rule

Description

The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.

References (3)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1034603

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1034604

[Patch, Vendor Advisory] http://www.vmware.com/security/advisories/VMSA-2016-0001.html

Scores

CVSS v3 6.3

EPSS 0.0181

EPSS Percentile 82.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-284

Status draft

Affected Products (16)

vmware/player

vmware/workstation

vmware/esxi

vmware/fusion

... and 1 more

Timeline

Published Jan 09, 2016

Tracked Since Feb 18, 2026