CVE-2017-4898 - Vulnerability Details

Vendors	Products
Vmware	Workstation Player Workstation Pro

Link	Providers
http://www.securityfocus.com/bid/96772
http://www.securitytracker.com/id/1037979
http://www.vmware.com/security/advisories/VMSA-2017-0003.html

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Workstation Pro/Player", "vendor": "VMware", "versions": [{"status": "affected", "version": "12.x prior to version 12.5.3"}]}], "datePublic": "2017-03-09T00:00:00", "descriptions": [{"lang": "en", "value": "VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the \"vmware-vmx\" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed."}], "problemTypes": [{"descriptions": [{"description": "DLL Hijack", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-14T09:57:01", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2017-0003.html"}, {"name": "96772", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96772"}, {"name": "1037979", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037979"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2017-4898", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Workstation Pro/Player", "version": {"version_data": [{"version_value": "12.x prior to version 12.5.3"}]}}]}, "vendor_name": "VMware"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the \"vmware-vmx\" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "DLL Hijack"}]}]}, "references": {"reference_data": [{"name": "http://www.vmware.com/security/advisories/VMSA-2017-0003.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2017-0003.html"}, {"name": "96772", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96772"}, {"name": "1037979", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037979"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:39:41.379Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2017-0003.html"}, {"name": "96772", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96772"}, {"name": "1037979", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037979"}]}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2017-4898", "datePublished": "2017-06-07T18:00:00", "dateReserved": "2016-12-26T00:00:00", "dateUpdated": "2024-08-05T14:39:41.379Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Workstation Pro/Player (string)

vendor : VMware (string)

versions : [ »

0 : { »

status : affected (string)

version : 12.x prior to version 12.5.3 (string)

}

]

}

]

datePublic : 2017-03-09T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : DLL Hijack (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-07-14T09:57:01 (string)

orgId : dcf2e128-44bd-42ed-91e8-88f912c1401d (string)

shortName : vmware (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.vmware.com/security/advisories/VMSA-2017-0003.html (string)

}

1 : { »

name : 96772 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/96772 (string)

}

2 : { »

name : 1037979 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1037979 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@vmware.com (string)

ID : CVE-2017-4898 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Workstation Pro/Player (string)

version : { »

version_data : [ »

0 : { »

version_value : 12.x prior to version 12.5.3 (string)

}

]

}

]

}

vendor_name : VMware (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : DLL Hijack (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www.vmware.com/security/advisories/VMSA-2017-0003.html (string)

refsource : CONFIRM (string)

url : http://www.vmware.com/security/advisories/VMSA-2017-0003.html (string)

}

1 : { »

name : 96772 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/96772 (string)

}

2 : { »

name : 1037979 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1037979 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T14:39:41.379Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.vmware.com/security/advisories/VMSA-2017-0003.html (string)

}

1 : { »

name : 96772 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/96772 (string)

}

2 : { »

name : 1037979 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1037979 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : dcf2e128-44bd-42ed-91e8-88f912c1401d (string)

assignerShortName : vmware (string)

cveId : CVE-2017-4898 (string)

datePublished : 2017-06-07T18:00:00 (string)

dateReserved : 2016-12-26T00:00:00 (string)

dateUpdated : 2024-08-05T14:39:41.379Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8ABE47D4-506C-4132-829B-19A61ED35F4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "67CDB0AC-25B6-4397-9784-386C81C37352", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E1D4E53-DEB3-4143-B619-4431DB47341F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "C83B3D50-43FF-4034-9C75-F44939D60378", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_player:12.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A1613CB4-1088-40F1-A5E8-584284A980D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E3E8337D-BC36-4910-A998-309D277D008C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E91FE31-B442-4EE3-A415-D635A5CCA6C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C67B92FB-CE89-479D-97DF-237C77BF307B", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B8A83855-1411-4CA8-A005-5AA58D1CB32A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "3516D484-83AF-470E-9E9A-AFE3BBE4F75D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation_pro:12.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "2F5A845C-E2CA-4C3A-8019-22C7DC2EA6DB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the \"vmware-vmx\" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed."}, {"lang": "es", "value": "Workstation Pro/Player versiones 12.x anteriores a 12.5.3 de VMware, contiene una vulnerabilidad de carga de DLL que ocurre debido al proceso \"vmware-vmx\" que carga archivos DLL desde una ruta (path) definida en la variable de entorno local. La explotaci\u00f3n con \u00e9xito de este problema puede permitir a los usuarios normales escalar privilegios al sistema en la m\u00e1quina host donde est\u00e1 instalada Workstation de VMware."}], "id": "CVE-2017-4898", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-07T18:29:00.210", "references": [{"source": "security@vmware.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96772"}, {"source": "security@vmware.com", "url": "http://www.securitytracker.com/id/1037979"}, {"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2017-0003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/96772"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037979"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2017-0003.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:vmware:workstation_player:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 8ABE47D4-506C-4132-829B-19A61ED35F4A (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:vmware:workstation_player:12.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 67CDB0AC-25B6-4397-9784-386C81C37352 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:vmware:workstation_player:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : C48608C8-B7A6-47DD-8C78-44EB2B0D6C0C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:vmware:workstation_player:12.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 8E1D4E53-DEB3-4143-B619-4431DB47341F (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:vmware:workstation_player:12.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : C83B3D50-43FF-4034-9C75-F44939D60378 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:vmware:workstation_player:12.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : A1613CB4-1088-40F1-A5E8-584284A980D0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:vmware:workstation_pro:12.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E3E8337D-BC36-4910-A998-309D277D008C (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:vmware:workstation_pro:12.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 0E91FE31-B442-4EE3-A415-D635A5CCA6C2 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:vmware:workstation_pro:12.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : C67B92FB-CE89-479D-97DF-237C77BF307B (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:vmware:workstation_pro:12.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B8A83855-1411-4CA8-A005-5AA58D1CB32A (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:vmware:workstation_pro:12.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 3516D484-83AF-470E-9E9A-AFE3BBE4F75D (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:vmware:workstation_pro:12.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 2F5A845C-E2CA-4C3A-8019-22C7DC2EA6DB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed. (string)

}

1 : { »

lang : es (string)

value : Workstation Pro/Player versiones 12.x anteriores a 12.5.3 de VMware, contiene una vulnerabilidad de carga de DLL que ocurre debido al proceso "vmware-vmx" que carga archivos DLL desde una ruta (path) definida en la variable de entorno local. La explotación con éxito de este problema puede permitir a los usuarios normales escalar privilegios al sistema en la máquina host donde está instalada Workstation de VMware. (string)

}

]

id : CVE-2017-4898 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 6.9 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:L/AC:M/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 3.4 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 8.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 2 (number)

impactScore : 6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-06-07T18:29:00.210 (string)

references : [ »

0 : { »

source : security@vmware.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/96772 (string)

}

1 : { »

source : security@vmware.com (string)

url : http://www.securitytracker.com/id/1037979 (string)

}

2 : { »

source : security@vmware.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.vmware.com/security/advisories/VMSA-2017-0003.html (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/96772 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1037979 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.vmware.com/security/advisories/VMSA-2017-0003.html (string)

}

]

sourceIdentifier : security@vmware.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object