Missing authentication for critical function vulnerability in VMware Fusion - CVE-2019-5514 (Mac OS)ID: oval:org.secpod.oval:def:95082 | Date: (C)2023-11-28 (M)2023-11-28 |
Class: VULNERABILITY | Family: macos |
The host is installed with VMware Fusion 11.x before 11.0.3 and is prone to a missing authentication for critical function vulnerability. A flaw is present in the application, which fails to properly handle issues in the unauthenticated APIs. On successful exploitation, an attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware Tools is installed.
Platform: |
Apple Mac OS 13 |
Apple Mac OS 14 |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.15 |