Vulnerability Details : CVE-2014-1208
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port.
Vulnerability category: Denial of service
Products affected by CVE-2014-1208
- cpe:2.3:a:vmware:workstation:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:player:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:fusion:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.1:1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.1:2:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.0:1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.0:2:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*
Threat overview for CVE-2014-1208
Top countries where our scanners detected CVE-2014-1208
Top open port discovered on systems with this issue
443
IPs affected by CVE-2014-1208 41
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-1208!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-1208
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 59 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-1208
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:N/I:N/A:P |
6.5
|
2.9
|
NIST |
References for CVE-2014-1208
-
http://www.securityfocus.com/bid/64994
Multiple VMWare Products Local Denial Of Service Vulnerability
-
http://www.securitytracker.com/id/1029643
VMware ESX/ESXi NFC and VMX Bugs Let Remote and Local Users Deny Service - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/90558
VMware ESXi and ESX invalid ports denial of service CVE-2014-1208 Vulnerability Report
-
http://www.securitytracker.com/id/1029644
VMware Workstation/Player/Fusion Bug in Handling Invalid VMX Ports Lets Local Users Deny Service - SecurityTracker
-
http://www.vmware.com/security/advisories/VMSA-2014-0001.html
VMSA-2014-0001Vendor Advisory
Jump to