CVE-2019-5544 — ESXi OpenSLP remote code execution vulnerability

Attacker Value

Unknown

CVE-2019-5544 — ESXi OpenSLP remote code execution vulnerability

Description

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

Metrics

CVSS V3

Base Score:

9.8 Critical

Impact Score:

5.9

Exploitability Score:

3.9

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Products

ESXi and Horizon DaaS

CPEs

Weaknesses

CWE-787

Nuclei Templates

VMware ESXi SLP - Heap Overflow DoS (https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2019/CVE-2019-5544.yaml)

Exploited in the Wild

Reported by:

hrbrmstr

Reported: November 10, 2020 7:30pm UTC (5 years ago)

gwillcox-r7 indicated source as News Article or Blog (https://blogs.juniper.net/en-us/threat-research/a-custom-python-backdoor-for-vmware-esxi-servers)

Reported: December 12, 2022 5:54pm UTC (3 years ago)

AttackerKB Worker indicated source as Government or Industry Alert (https://www.cisa.gov/known-exploited-vulnerabilities-catalog)

Reported: November 08, 2024 8:17am UTC (1 year ago)

References

Canonical

CVE-2019-5544 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5544)

Advisory

http://www.vmware.com/security/advisories/VMSA-2019-0022.html

[oss-security] 20191210 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability (http://www.openwall.com/lists/oss-security/2019/12/10/2)

[oss-security] 20191211 Re: CVE-2019-5544 openslp 1.2.1, 2.0.0 heap overflow vulnerability (http://www.openwall.com/lists/oss-security/2019/12/11/2)

https://access.redhat.com/errata/RHSA-2019:4240

FEDORA-2019-1e5ae33e87 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZPXXJZLPLAQULBCJVI5NNWZ3PGWXGXWG)

FEDORA-2019-86bceb61b3 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DA3LYAJ2NRKMOZLZOQNDJ5TNQRFMWGHF)

https://access.redhat.com/errata/RHSA-2020:0199

GLSA-202005-12 (https://security.gentoo.org/glsa/202005-12)

FEDORA-2019-1e5ae33e87 (https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPXXJZLPLAQULBCJVI5NNWZ3PGWXGXWG/)

FEDORA-2019-86bceb61b3 (https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DA3LYAJ2NRKMOZLZOQNDJ5TNQRFMWGHF/)

Rapid7

Unknown