vulnerability

VMware vCenter Server: CVE-2017-4950 (VMSA-2018-0004)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:M/Au:N/C:C/I:C/A:C)	Jan 11, 2018	Jan 20, 2026	Jan 20, 2026

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

Jan 11, 2018

Added

Jan 20, 2026

Modified

Jan 20, 2026

Description

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default.

Solution

vmware-vcenter-server-upgrade-latest

References

CVE-2017-4950
https://attackerkb.com/topics/CVE-2017-4950
URL-http://www.securityfocus.com/bid/102490
URL-http://www.securitytracker.com/id/1040161
URL-https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/23533
CWE-190

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today