CVE-2015-6933
MEDIUMVMware Player and Workstation - Improper Access Control in Shared Folders
Title source: llmDescription
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1034604
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1034603
Patch, Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2016-0001.html
Scores
CVSS v3
6.3
EPSS
0.0181
EPSS Percentile
83.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-284
Status
published
Products (13)
vmware/esxi
5.0 (3 CPE variants)
vmware/esxi
5.1 (2 CPE variants)
vmware/esxi
5.5
vmware/esxi
6.0
vmware/fusion
7.0
vmware/fusion
7.1
vmware/fusion
7.1.1
vmware/player
7.0
vmware/player
7.1
vmware/player
7.1.1
... and 3 more
Published
Jan 09, 2016
Tracked Since
Feb 18, 2026