Allele Security Alert
ASA-2019-00425
Identifier(s)
ASA-2019-00425, CVE-2019-5528, VMSA-2019-0011
Title
Partial denial of service vulnerability in hostd process
Vendor(s)
VMware, Inc
Product(s)
VMware ESXi
Affected version(s)
VMware ESXi version 6.7
VMware ESXi version 6.5
Fixed version(s)
VMware ESXi version 6.7 patch pending
VMware ESXi version 6.5 ESXi650-201907201-UG
Proof of concept
Unknown
Description
Multiple failed login attempts to ESXi may cause the hostd service to become unresponsive resulting in a partial denial of service for management functionality.
A malicious actor with network access to an ESXi host could create a partial denial of service condition in management functionality. Successful exploitation of this issue may cause hostd to become unresponsive resulting in conditions such as an ESXi host disconnecting from vCenter.
Technical details
Unknown
Credits
Unknown
Reference(s)
VMSA-2019-0011
https://www.vmware.com/security/advisories/VMSA-2019-0011.html
CVE-2019-5528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5528
CVE-2019-5528
https://nvd.nist.gov/vuln/detail/CVE-2019-5528
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: July 12, 2019