VMware Products Multiple Vulnerabilities

Impact

• Denial of Service
• Remote Code Execution

System / Technologies affected

• VMware vCloud Director for Service Providers (vCD) 9.5.x
• VMware vSphere ESXi (ESXi) 6.0, 6.5 and 6.7
• VMware Workstation Pro / Player (Workstation) 14.x and 15.x
• VMware Fusion Pro / Fusion (Fusion) 10.x and 11.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued fixes:
• https://www.vmware.com/security/advisories/VMSA-2019-0004.html
• https://www.vmware.com/security/advisories/VMSA-2019-0005.html

Vulnerability Identifier

• CVE-2019-5514
• CVE-2019-5515
• CVE-2019-5518
• CVE-2019-5519
• CVE-2019-5523
• CVE-2019-5524

Source

• US-CERT
• AusCERT

Related Link

• https://www.vmware.com/security/advisories/VMSA-2019-0005.html
• https://www.vmware.com/security/advisories/VMSA-2019-0004.html
• https://www.auscert.org.au/bulletins/78106
• https://www.us-cert.gov/ncas/current-activity/2019/03/29/VMware-Releases-Security-Updates