CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2019-5521

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on the host. Exploitation of this issue require an attacker to have access to a virtual machine with 3D graphics enabled. It is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.
Publish Date : 2019-09-20 Last Update Date : 2019-09-23
Collapse All   Expand All   Select   Select&Copy  
Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

CVSS Score
5.5
Confidentiality Impact Partial (There is considerable informational disclosure.)
Integrity Impact None (There is no impact to the integrity of the system)
Availability Impact Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication Single system (The vulnerability requires an attacker to be logged into the system (such as at a command line or via a desktop session or web interface).)
Gained Access None
Vulnerability Type(s)
CWE ID 125

- Products Affected By CVE-2019-5521

# Product Type Vendor Product Version Update Edition Language
1 OS Vmware Esxi 6.5 650-201707218 Version Details Vulnerabilities
2 OS Vmware Esxi 6.5 650-201707202 Version Details Vulnerabilities
3 OS Vmware Esxi 6.5 650-201811001 Version Details Vulnerabilities
4 OS Vmware Esxi 6.5 650-201707213 Version Details Vulnerabilities
5 OS Vmware Esxi 6.5 650-201704001 Version Details Vulnerabilities
6 OS Vmware Esxi 6.5 650-201803001 Version Details Vulnerabilities
7 OS Vmware Esxi 6.5 650-201707208 Version Details Vulnerabilities
8 OS Vmware Esxi 6.5 650-201707203 Version Details Vulnerabilities
9 OS Vmware Esxi 6.5 650-201811002 Version Details Vulnerabilities
10 OS Vmware Esxi 6.5 650-201707219 Version Details Vulnerabilities
11 OS Vmware Esxi 6.5 650-201707214 Version Details Vulnerabilities
12 OS Vmware Esxi 6.5 650-201707101 Version Details Vulnerabilities
13 OS Vmware Esxi 6.5 650-201806001 Version Details Vulnerabilities
14 OS Vmware Esxi 6.5 650-201707209 Version Details Vulnerabilities
15 OS Vmware Esxi 6.5 650-201707204 Version Details Vulnerabilities
16 OS Vmware Esxi 6.5 650-201811301 Version Details Vulnerabilities
17 OS Vmware Esxi 6.5 - Version Details Vulnerabilities
18 OS Vmware Esxi 6.5 650-201707220 Version Details Vulnerabilities
19 OS Vmware Esxi 6.5 650-201707215 Version Details Vulnerabilities
20 OS Vmware Esxi 6.5 650-201707102 Version Details Vulnerabilities
21 OS Vmware Esxi 6.5 650-201808001 Version Details Vulnerabilities
22 OS Vmware Esxi 6.5 650-201707210 Version Details Vulnerabilities
23 OS Vmware Esxi 6.5 650-201901001 Version Details Vulnerabilities
24 OS Vmware Esxi 6.5 650-201701001 Version Details Vulnerabilities
25 OS Vmware Esxi 6.5 650-201707221 Version Details Vulnerabilities
26 OS Vmware Esxi 6.5 650-201707205 Version Details Vulnerabilities
27 OS Vmware Esxi 6.5 650-201707216 Version Details Vulnerabilities
28 OS Vmware Esxi 6.5 650-201707103 Version Details Vulnerabilities
29 OS Vmware Esxi 6.5 650-201810001 Version Details Vulnerabilities
30 OS Vmware Esxi 6.5 650-201707211 Version Details Vulnerabilities
31 OS Vmware Esxi 6.5 650-201703001 Version Details Vulnerabilities
32 OS Vmware Esxi 6.5 650-201710001 Version Details Vulnerabilities
33 OS Vmware Esxi 6.5 650-201707206 Version Details Vulnerabilities
34 OS Vmware Esxi 6.5 650-201707217 Version Details Vulnerabilities
35 OS Vmware Esxi 6.5 650-201707201 Version Details Vulnerabilities
36 OS Vmware Esxi 6.5 650-201810002 Version Details Vulnerabilities
37 OS Vmware Esxi 6.5 650-201707212 Version Details Vulnerabilities
38 OS Vmware Esxi 6.5 650-201703002 Version Details Vulnerabilities
39 OS Vmware Esxi 6.5 650-201712001 Version Details Vulnerabilities
40 OS Vmware Esxi 6.5 650-201707207 Version Details Vulnerabilities
41 OS Vmware Esxi 6.7 670-201810205 Version Details Vulnerabilities
42 OS Vmware Esxi 6.7 670-201810232 Version Details Vulnerabilities
43 OS Vmware Esxi 6.7 670-201904220 Version Details Vulnerabilities
44 OS Vmware Esxi 6.7 670-201810216 Version Details Vulnerabilities
45 OS Vmware Esxi 6.7 670-201904204 Version Details Vulnerabilities
46 OS Vmware Esxi 6.7 670-201810103 Version Details Vulnerabilities
47 OS Vmware Esxi 6.7 670-201810227 Version Details Vulnerabilities
48 OS Vmware Esxi 6.7 670-201904215 Version Details Vulnerabilities
49 OS Vmware Esxi 6.7 670-201904210 Version Details Vulnerabilities
50 OS Vmware Esxi 6.7 670-201810211 Version Details Vulnerabilities
51 OS Vmware Esxi 6.7 670-201807001 Version Details Vulnerabilities
52 OS Vmware Esxi 6.7 670-201901402 Version Details Vulnerabilities
53 OS Vmware Esxi 6.7 670-201904226 Version Details Vulnerabilities
54 OS Vmware Esxi 6.7 670-201810222 Version Details Vulnerabilities
55 OS Vmware Esxi 6.7 670-201810206 Version Details Vulnerabilities
56 OS Vmware Esxi 6.7 670-201810233 Version Details Vulnerabilities
57 OS Vmware Esxi 6.7 670-201904221 Version Details Vulnerabilities
58 OS Vmware Esxi 6.7 670-201810217 Version Details Vulnerabilities
59 OS Vmware Esxi 6.7 670-201904205 Version Details Vulnerabilities
60 OS Vmware Esxi 6.7 670-201810201 Version Details Vulnerabilities
61 OS Vmware Esxi 6.7 670-201810228 Version Details Vulnerabilities
62 OS Vmware Esxi 6.7 670-201904216 Version Details Vulnerabilities
63 OS Vmware Esxi 6.7 670-201904211 Version Details Vulnerabilities
64 OS Vmware Esxi 6.7 670-201810212 Version Details Vulnerabilities
65 OS Vmware Esxi 6.7 670-201808001 Version Details Vulnerabilities
66 OS Vmware Esxi 6.7 670-201901403 Version Details Vulnerabilities
67 OS Vmware Esxi 6.7 670-201904227 Version Details Vulnerabilities
68 OS Vmware Esxi 6.7 670-201810223 Version Details Vulnerabilities
69 OS Vmware Esxi 6.7 670-201810207 Version Details Vulnerabilities
70 OS Vmware Esxi 6.7 670-201810234 Version Details Vulnerabilities
71 OS Vmware Esxi 6.7 670-201904222 Version Details Vulnerabilities
72 OS Vmware Esxi 6.7 670-201810218 Version Details Vulnerabilities
73 OS Vmware Esxi 6.7 670-201904206 Version Details Vulnerabilities
74 OS Vmware Esxi 6.7 670-201810202 Version Details Vulnerabilities
75 OS Vmware Esxi 6.7 670-201810229 Version Details Vulnerabilities
76 OS Vmware Esxi 6.7 670-201904217 Version Details Vulnerabilities
77 OS Vmware Esxi 6.7 670-201810213 Version Details Vulnerabilities
78 OS Vmware Esxi 6.7 670-201810001 Version Details Vulnerabilities
79 OS Vmware Esxi 6.7 670-201904201 Version Details Vulnerabilities
80 OS Vmware Esxi 6.7 670-201904228 Version Details Vulnerabilities
81 OS Vmware Esxi 6.7 670-201810224 Version Details Vulnerabilities
82 OS Vmware Esxi 6.7 670-201904212 Version Details Vulnerabilities
83 OS Vmware Esxi 6.7 670-201811001 Version Details Vulnerabilities
84 OS Vmware Esxi 6.7 670-201904223 Version Details Vulnerabilities
85 OS Vmware Esxi 6.7 670-201810219 Version Details Vulnerabilities
86 OS Vmware Esxi 6.7 670-201904207 Version Details Vulnerabilities
87 OS Vmware Esxi 6.7 670-201810208 Version Details Vulnerabilities
88 OS Vmware Esxi 6.7 670-201810203 Version Details Vulnerabilities
89 OS Vmware Esxi 6.7 670-201810230 Version Details Vulnerabilities
90 OS Vmware Esxi 6.7 670-201904218 Version Details Vulnerabilities
91 OS Vmware Esxi 6.7 670-201810214 Version Details Vulnerabilities
92 OS Vmware Esxi 6.7 670-201904202 Version Details Vulnerabilities
93 OS Vmware Esxi 6.7 670-201810101 Version Details Vulnerabilities
94 OS Vmware Esxi 6.7 670-201904229 Version Details Vulnerabilities
95 OS Vmware Esxi 6.7 670-201810225 Version Details Vulnerabilities
96 OS Vmware Esxi 6.7 670-201904213 Version Details Vulnerabilities
97 OS Vmware Esxi 6.7 - Version Details Vulnerabilities
98 OS Vmware Esxi 6.7 670-201901001 Version Details Vulnerabilities
99 OS Vmware Esxi 6.7 670-201904224 Version Details Vulnerabilities
100 OS Vmware Esxi 6.7 670-201810220 Version Details Vulnerabilities
101 OS Vmware Esxi 6.7 670-201904208 Version Details Vulnerabilities
102 OS Vmware Esxi 6.7 670-201810209 Version Details Vulnerabilities
103 OS Vmware Esxi 6.7 670-201810204 Version Details Vulnerabilities
104 OS Vmware Esxi 6.7 670-201810231 Version Details Vulnerabilities
105 OS Vmware Esxi 6.7 670-201904219 Version Details Vulnerabilities
106 OS Vmware Esxi 6.7 670-201810215 Version Details Vulnerabilities
107 OS Vmware Esxi 6.7 670-201904203 Version Details Vulnerabilities
108 OS Vmware Esxi 6.7 670-201810102 Version Details Vulnerabilities
109 OS Vmware Esxi 6.7 670-201810226 Version Details Vulnerabilities
110 OS Vmware Esxi 6.7 670-201904214 Version Details Vulnerabilities
111 OS Vmware Esxi 6.7 670-201904225 Version Details Vulnerabilities
112 OS Vmware Esxi 6.7 670-201810221 Version Details Vulnerabilities
113 OS Vmware Esxi 6.7 670-201904209 Version Details Vulnerabilities
114 OS Vmware Esxi 6.7 670-201810210 Version Details Vulnerabilities
115 OS Vmware Esxi 6.7 670-201806001 Version Details Vulnerabilities
116 OS Vmware Esxi 6.7 670-201901401 Version Details Vulnerabilities
117 Application Vmware Fusion 10.0.0 Version Details Vulnerabilities
118 Application Vmware Fusion 10.0.1 Version Details Vulnerabilities
119 Application Vmware Fusion 10.1.0 Version Details Vulnerabilities
120 Application Vmware Fusion 10.1.1 Version Details Vulnerabilities
121 Application Vmware Fusion 10.1.2 Version Details Vulnerabilities
122 Application Vmware Fusion 10.1.3 Version Details Vulnerabilities
123 Application Vmware Fusion 10.1.4 Version Details Vulnerabilities
124 Application Vmware Fusion 10.1.5 Version Details Vulnerabilities
125 Application Vmware Fusion 11.0.0 Version Details Vulnerabilities
126 Application Vmware Fusion 11.0.1 Version Details Vulnerabilities
127 Application Vmware Fusion 11.0.2 Version Details Vulnerabilities
128 Application Vmware Workstation 14.0.0 Version Details Vulnerabilities
129 Application Vmware Workstation 14.1.0 Version Details Vulnerabilities
130 Application Vmware Workstation 14.1.1 Version Details Vulnerabilities
131 Application Vmware Workstation 14.1.2 Version Details Vulnerabilities
132 Application Vmware Workstation 14.1.3 Version Details Vulnerabilities
133 Application Vmware Workstation 14.1.4 Version Details Vulnerabilities
134 Application Vmware Workstation 14.1.5 Version Details Vulnerabilities
135 Application Vmware Workstation 15.0.0 Version Details Vulnerabilities
136 Application Vmware Workstation 15.0.1 Version Details Vulnerabilities
137 Application Vmware Workstation 15.0.2 Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Vmware Esxi 116
Vmware Fusion 11
Vmware Workstation 10

- References For CVE-2019-5521

https://www.vmware.com/security/advisories/VMSA-2019-0012.html CONFIRM
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0757

- Metasploit Modules Related To CVE-2019-5521

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.