Medium severity6.1NVD Advisory· Published Dec 20, 2017· Updated Jun 17, 2026
CVE-2017-4940
CVE-2017-4940
Description
The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
121cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*+ 120 more
- cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:5.5:550-20170901001s:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201706401:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201706402:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201706403:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.0:600-201710301:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*
- (no CPE)range: 6.5 before ESXi650-201712103-SG
Patches
Vulnerability mechanics
References
2- www.securitytracker.com/id/1040024nvdThird Party AdvisoryVDB Entry
- www.vmware.com/security/advisories/VMSA-2017-0021.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.