1. CVE-Search
  2. CVE-2017-4945
ID CVE-2017-4945
Summary VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstation 14.1.0 and Fusion 10.1.0 by default.
References
Vulnerable Configurations
  • cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:12.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:12.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:workstation:14.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:workstation:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:8.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:8.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:10.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:10.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:fusion:10.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:vmware:fusion:10.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 102441
confirm https://www.vmware.com/us/security/advisories/VMSA-2018-0003.html
sectrack
  • 1040109
  • 1040136
Last major update 03-10-2019 - 00:03
Published 05-01-2018 - 14:29
Last modified 03-10-2019 - 00:03
Back to Top