{"api_version":"1","generated_at":"2026-05-11T15:41:21+00:00","cve":"CVE-2018-6983","urls":{"html":"https://cve.report/CVE-2018-6983","api":"https://cve.report/api/cve/CVE-2018-6983.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-6983","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-6983"},"summary":{"title":"CVE-2018-6983","description":"VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.","state":"PUBLIC","assigner":"security@vmware.com","published_at":"2018-11-27 17:29:00","updated_at":"2018-12-19 19:26:00"},"problem_types":["CWE-190"],"metrics":[],"references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2018-0030.html","name":"https://www.vmware.com/security/advisories/VMSA-2018-0030.html","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"VMSA-2018-0030","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/105986","name":"105986","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"VMware Workstation and Fusion CVE-2018-6983  Local Integer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-6983","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-6983","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"6983","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"6983","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"6983","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vmware","cpe5":"fusion","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"6983","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vmware","cpe5":"fusion","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"6983","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vmware","cpe5":"workstation","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"6983","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vmware","cpe5":"workstation","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@vmware.com","ID":"CVE-2018-6983","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"VMware Workstation and Fusion","version":{"version_data":[{"version_value":"VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5)"}]}}]},"vendor_name":"VMware"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Integer overflow vulnerability"}]}]},"references":{"reference_data":[{"name":"https://www.vmware.com/security/advisories/VMSA-2018-0030.html","refsource":"CONFIRM","url":"https://www.vmware.com/security/advisories/VMSA-2018-0030.html"},{"name":"105986","refsource":"BID","url":"http://www.securityfocus.com/bid/105986"}]}},"nvd":{"publishedDate":"2018-11-27 17:29:00","lastModifiedDate":"2018-12-19 19:26:00","problem_types":["CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2,"impactScore":6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0","versionEndExcluding":"14.1.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndExcluding":"15.0.2","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.1.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.0.2","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"6983","Ordinal":"123217","Title":"CVE-2018-6983","CVE":"CVE-2018-6983","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"6983","Ordinal":"1","NoteData":"VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"6983","Ordinal":"2","NoteData":"2018-11-27","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"6983","Ordinal":"3","NoteData":"2018-11-28","Type":"Other","Title":"Modified"}]}}}