CVE-2019-5544

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 06-12-2019 05:15

Last modified: - 03-02-2022 08:50

Total changes: - 2

Description

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Network

Attack vector

High

Availability

High

Confidentiality

High

Integrity

None

Privileges required

Unchanged

Scope

None

User interaction

9.8

Base score

3.9

5.9

Exploitability score

Impact score

Verification logic

vendor=vmware AND product=horizon_daas AND versionStartIncluding=8.0.0 AND versionEndExcluding=9.0.0.0

vendor=vmware AND product=esxi AND version=6.0 AND update=-

vendor=vmware AND product=esxi AND version=6.0 AND update=1

vendor=vmware AND product=esxi AND version=6.0 AND update=1a

vendor=vmware AND product=esxi AND version=6.0 AND update=1b

vendor=vmware AND product=esxi AND version=6.0 AND update=2

vendor=vmware AND product=esxi AND version=6.0 AND update=3

vendor=vmware AND product=esxi AND version=6.0 AND update=3a

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201504401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201505401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507101

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507102

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507402

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507403

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507404

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507405

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507406

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201507407

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509101

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509102

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509201

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509202

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509203

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509204

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509205

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509206

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509207

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509208

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509209

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201509210

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201510401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201511401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201601101

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201601102

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201601401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201601402

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201601403

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201601404

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201601405

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201602401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603101

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603102

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603201

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603202

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603203

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603204

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603205

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603206

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603207

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201603208

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201605401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201608101

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201608401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201608402

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201608403

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201608404

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201608405

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201610410

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201611401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201611402

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201611403

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702101

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702102

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702201

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702202

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702203

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702204

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702205

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702206

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702207

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702208

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702209

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702210

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702211

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201702212

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201703401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201706101

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201706102

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201706103

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201706401

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201706402

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201706403

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201710301

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201811001

vendor=vmware AND product=esxi AND version=6.0 AND update=600-201811401

vendor=vmware AND product=esxi AND version=6.5 AND update=-

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201701001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201703001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201703002

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201704001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707101

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707102

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707103

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707201

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707202

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707203

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707204

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707205

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707206

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707207

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707208

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707209

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707210

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707211

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707212

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707213

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707214

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707215

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707216

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707217

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707218

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707219

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707220

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201707221

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201710001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201712001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201803001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201806001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201808001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201810001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201810002

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201811001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201811002

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201811301

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201901001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201903001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201905001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201908001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201910001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-20191004001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201911001

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201911401

vendor=vmware AND product=esxi AND version=6.5 AND update=650-201911402

vendor=vmware AND product=esxi AND version=6.7 AND update=-

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201806001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201807001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201808001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810101

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810102

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810103

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810201

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810202

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810203

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810204

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810205

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810206

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810207

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810208

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810209

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810210

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810211

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810212

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810213

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810214

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810215

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810216

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810217

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810218

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810219

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810220

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810221

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810222

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810223

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810224

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810225

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810226

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810227

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810228

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810229

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810230

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810231

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810232

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810233

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201810234

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201811001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201901001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201901401

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201901402

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201901403

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201903001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904201

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904202

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904203

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904204

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904205

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904206

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904207

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904208

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904209

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904210

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904211

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904212

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904213

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904214

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904215

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904216

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904217

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904218

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904219

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904220

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904221

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904222

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904223

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904224

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904225

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904226

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904227

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904228

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201904229

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201905001

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201906002

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908101

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908102

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908103

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908104

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908201

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908202

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908203

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908204

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908205

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908206

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908207

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908208

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908209

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908210

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908211

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908212

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908213

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908214

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908215

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908216

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908217

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908218

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908219

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908220

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201908221

vendor=vmware AND product=esxi AND version=6.7 AND update=670-201911001

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_desktop AND version=7.0

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_server AND version=7.0

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_server_aus AND version=7.7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_server_eus AND version=7.7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_server_tus AND version=7.7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux_workstation AND version=7.0

vendor=openslp AND product=openslp AND version=1.2.1

vendor=openslp AND product=openslp AND version=2.0.0

vendor=fedoraproject AND product=fedora AND version=30

vendor=fedoraproject AND product=fedora AND version=31

Reference

http://www.vmware.com/security/advisories/VMSA-2019-0022.html
[oss-security] 20191210 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability-Mailing List, Third Party Advisory
[oss-security] 20191211 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability-Mailing List, Third Party Advisory
RHSA-2019:4240-Third Party Advisory
FEDORA-2019-1e5ae33e87-Third Party Advisory
FEDORA-2019-86bceb61b3-Third Party Advisory
RHSA-2020:0199-Third Party Advisory
GLSA-202005-12-Third Party Advisory

Keywords

CVE-2019-5544

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2019-5544

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures