Medium severity6.5NVD Advisory· Published Jul 25, 2018· Updated Jun 17, 2026
CVE-2018-6972
CVE-2018-6972
Description
VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6<6.7 (ESXi670-201806401-BG), <6.5 (ESXi650-201806401-BG), <6.0 (ESXi600-201806401-BG), <5.5 (ESXi550-201806401-BG)+ 1 more
- (no CPE)range: <6.7 (ESXi670-201806401-BG), <6.5 (ESXi650-201806401-BG), <6.0 (ESXi600-201806401-BG), <5.5 (ESXi550-201806401-BG)
- (no CPE)range: 6.7 before ESXi670-201806401-BG
<14.1.2+ 1 more
- (no CPE)range: <14.1.2
- (no CPE)range: 14.x before 14.1.2
Patches
Vulnerability mechanics
References
4- www.vmware.com/security/advisories/VMSA-2018-0018.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/104884nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041356nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041357nvdBroken LinkThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.