{"containers": {"cna": {"affected": [{"product": "ESXi", "vendor": "VMware", "versions": [{"status": "affected", "version": "6.5 before ESXi650-201712103-SG"}, {"status": "affected", "version": "6.0 before ESXi600-201711103-SG"}, {"status": "affected", "version": "5.5 before ESXi550-201709102-SG)"}]}], "datePublic": "2017-12-19T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client."}], "problemTypes": [{"descriptions": [{"description": "Stored cross-site scripting vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-21T10:57:01.000Z", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"}, {"name": "1040024", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040024"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "DATE_PUBLIC": "2017-12-19T00:00:00", "ID": "CVE-2017-4940", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ESXi", "version": {"version_data": [{"version_value": "6.5 before ESXi650-201712103-SG"}, {"version_value": "6.0 before ESXi600-201711103-SG"}, {"version_value": "5.5 before ESXi550-201709102-SG)"}]}}]}, "vendor_name": "VMware"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Stored cross-site scripting vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html", "refsource": "CONFIRM", "url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"}, {"name": "1040024", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040024"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T14:47:43.217Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"}, {"name": "1040024", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1040024"}]}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2017-4940", "datePublished": "2017-12-20T15:00:00.000Z", "dateReserved": "2016-12-26T00:00:00.000Z", "dateUpdated": "2024-09-17T03:02:37.214Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:vmware:esxi:5.5:-:*:*:*:*:*:*", "matchCriteriaId": "BB90FDCA-A848-4D4D-8A6F-FD04D702EC85", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.5:1:*:*:*:*:*:*", "matchCriteriaId": "4DC223AC-EB3D-48CF-A6CC-D35E00A38394", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.5:2:*:*:*:*:*:*", "matchCriteriaId": "75C8E87E-A869-49F8-89F9-DE64A45CDB35", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.5:3a:*:*:*:*:*:*", "matchCriteriaId": "E7F8878C-F73D-4549-9607-74880176D2B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.5:3b:*:*:*:*:*:*", "matchCriteriaId": "E47D369F-13B2-42B3-BB74-60AAD0954B26", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:5.5:550-20170901001s:*:*:*:*:*:*", "matchCriteriaId": "45551873-2E14-4324-9946-C22079F7D0D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:*", "matchCriteriaId": "3E8861F4-D390-4738-BBF0-9EE4684E9667", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:*", "matchCriteriaId": "52403C80-3022-4E5B-B16A-24B116D1E6B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:*", "matchCriteriaId": "FBECED2E-05FD-492E-8B57-9BB8ADA82444", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:*", "matchCriteriaId": "3C3FBBA4-01FA-45B5-AEDF-FFFE941163FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:*", "matchCriteriaId": "A63E3C72-3145-4661-BBCD-8A67EC0CDDF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:*", "matchCriteriaId": "9159F6E1-6A36-4D3C-85B1-2205B90CD244", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:*", "matchCriteriaId": "C2C08C24-FBAC-49B8-AABF-4FF8BADA3412", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:*", "matchCriteriaId": "2B9D5E67-78C9-495E-91F0-AF94871E5FA2", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:*", "matchCriteriaId": "6D35CDFE-F0E7-43F7-A307-E3BDDE5AEAD5", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:*", "matchCriteriaId": "ADC13026-3B5A-4BF0-BDEC-B77338E427E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:*", "matchCriteriaId": "6CBA70BA-FFCD-4D2D-AD26-95CC62748937", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:*", "matchCriteriaId": "4C92DD8B-8AB8-40D4-8E86-12FEB055D37A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:*", "matchCriteriaId": "C58D77F5-CDB2-47DA-A879-BABEBE2E1E04", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:*", "matchCriteriaId": "D0C324FB-3989-4A4A-BF5B-C40CA698DDB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:*", "matchCriteriaId": "0E7AC58E-D1F8-4FDF-9A28-61CF6158330A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:*", "matchCriteriaId": "489EE0F6-5510-470E-8711-DC08B4AFB4F7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:*", "matchCriteriaId": "6719ED6F-CBC3-4B1E-9343-23DC3BA15FDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:*", "matchCriteriaId": "DDAA48A9-9319-4104-B151-D529E5EBF0F7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:*", "matchCriteriaId": "D16CD918-5075-4975-8B1E-21D8AD35A28E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:*", "matchCriteriaId": "7A38CD8E-494D-4E0E-A300-8550FC81FAE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:*", "matchCriteriaId": "1F40ABE8-8DED-4633-A34C-00DF5D510E71", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:*", "matchCriteriaId": "1736B975-089B-413C-8CA0-5524B957EF9A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:*", "matchCriteriaId": "0E4DCBF6-7189-497A-B923-08574443172C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:*", "matchCriteriaId": "16FBA646-0B5E-44A7-BB12-29D5C611AEC5", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:*", "matchCriteriaId": "29F57497-7B48-4D0C-B8F5-8D33062BECEE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:*", "matchCriteriaId": "ADDE96C7-C489-4D14-990B-8524627A23D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:*", "matchCriteriaId": "AD82C093-FD98-45DE-9EE6-A05E81A1FEC6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:*", "matchCriteriaId": "08789F9E-CDC7-4F89-B925-92C9E3AE5234", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:*", "matchCriteriaId": "26ABB84C-B4BF-424E-8F4C-D2B6BE0AC79E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:*", "matchCriteriaId": "621C203B-4B66-49CC-A35D-D7703109BF14", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:*", "matchCriteriaId": "3261BDEF-D89C-41D9-A360-EC36EAB17490", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:*", "matchCriteriaId": "5170A4F6-02B7-4225-B944-73DB5A4D332C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:*", "matchCriteriaId": "62A97DBA-A56B-4F0B-B9C4-44B5166681AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:*", "matchCriteriaId": "806C8BE6-A2BE-45BE-BEF2-396BEB16FCC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:*", "matchCriteriaId": "DBA6211E-134A-484E-8444-FBB5070B395D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:*", "matchCriteriaId": "3E7B05B3-4076-4A44-B9A6-A44419F175C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:*", "matchCriteriaId": "1A1636B4-6E79-42D7-AA62-5EE43412B43A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:*", "matchCriteriaId": "0F0377D0-BBED-41BF-80C5-58414ED413EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:*", "matchCriteriaId": "6495283C-D18A-4DDA-852E-46F2273D6DAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:*", "matchCriteriaId": "09DEFEE5-5E9E-4F3A-A245-3E8E2B291339", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:*", "matchCriteriaId": "4B5A97A3-65DB-4697-9CF1-B4F5E4E4132F", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:*", "matchCriteriaId": "17A84E0A-1429-467F-9EE1-FCA062392DC2", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:*", "matchCriteriaId": "C591163D-64BC-403B-A460-5B2258EC2F8A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:*", "matchCriteriaId": "ED932B89-D34D-4398-8F79-AF98987CAFD0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:*", "matchCriteriaId": "ABD365A0-0B09-4EC2-9973-691144C99507", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:*", "matchCriteriaId": "FBE64DC7-A9D1-416F-89BF-D9F8DD8174AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:*", "matchCriteriaId": "0E198AE4-A6A3-4875-A7DA-44BE9E1B280F", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:*", "matchCriteriaId": "2FDD5BA0-8180-484D-8308-B0862B6E9DC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:*", "matchCriteriaId": "96A6EB9A-A908-42D1-A6BC-E38E861BBECE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:*", "matchCriteriaId": "651EDCAA-D785-464D-AE41-425A69F6FFB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:*", "matchCriteriaId": "1B3C704C-9D60-4F72-B482-07F209985E68", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:*", "matchCriteriaId": "C1CFE956-4391-4B71-BD0B-96A008A624B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:*", "matchCriteriaId": "409778CD-9AB3-4793-A5F5-8D8657F81442", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:*", "matchCriteriaId": "F7EA75DB-B6BE-4E75-89B6-C69E96CBD7BF", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:*", "matchCriteriaId": "0DC45A8B-6DE0-465F-9644-B75A09394F25", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:*", "matchCriteriaId": "7A265671-BCB0-401A-A1E8-500F9D41492E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:*", "matchCriteriaId": "83168067-1E43-4186-9B15-3FC702C6583C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:*", "matchCriteriaId": "8C122DB4-8410-4C4E-87BE-EB3175CE182B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:*", "matchCriteriaId": "C76ED78D-0778-4269-938E-BB7586C1E44E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:*", "matchCriteriaId": "7A1F78C5-E995-4E37-83C5-5B6A1D39E549", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:*", "matchCriteriaId": "7A2E842D-AF37-4641-AD05-B91F250E7487", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:*", "matchCriteriaId": "A07EAC87-32FD-4553-B71D-181F2C66AE68", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:*", "matchCriteriaId": "AD6F0D62-4C51-46D6-A6C4-E479BE6B2C91", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:*", "matchCriteriaId": "865D3042-68ED-44B9-A036-9433F7463D6F", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:*", "matchCriteriaId": "FC4FEF78-D2DA-4CCE-BB81-7E2090ED545C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:*", "matchCriteriaId": "11AE3F61-9655-4B20-96E1-92112BE2BEDC", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:*", "matchCriteriaId": "ECE35166-3019-450B-9C69-484E4EDE5A6D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:*", "matchCriteriaId": "D892B066-381B-4F46-8363-7BA1647BBCD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:*", "matchCriteriaId": "710DB381-5504-4493-8D0A-17AB8E5A903B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:*", "matchCriteriaId": "42AAA3B7-B74D-4B67-8BD3-1D9B5ED1E037", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:*", "matchCriteriaId": "33CBCA55-010E-4E84-B2F8-F9B53D5A3340", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:*", "matchCriteriaId": "95A73B4B-F9B3-4D66-9668-902902C73CB6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:*", "matchCriteriaId": "8D14D51D-E2EA-4826-8C6E-AF1C15F12384", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:*", "matchCriteriaId": "BED100A1-9D59-48BE-91D4-0C8F2D678E6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:*", "matchCriteriaId": "660B51F2-DFE0-49F6-AD2A-6E94B20F4019", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:*", "matchCriteriaId": "8BF80536-348A-468E-AC1C-DA53632FCC83", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706101:*:*:*:*:*:*", "matchCriteriaId": "CFABF302-AC32-4507-BDD9-314854DE55BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706102:*:*:*:*:*:*", "matchCriteriaId": "9EDE020F-4FB1-4F1D-B434-6745045702D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706103:*:*:*:*:*:*", "matchCriteriaId": "AA1538B9-E860-46CE-A4CA-1393ECA20D30", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706401:*:*:*:*:*:*", "matchCriteriaId": "386A6805-6167-47BA-A02F-073DC7E0FE36", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706402:*:*:*:*:*:*", "matchCriteriaId": "03BA15D8-F7A2-428C-8104-BCEBDE7C1EC0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201706403:*:*:*:*:*:*", "matchCriteriaId": "1CFCFE7B-37E5-4C64-9B43-4F693F227231", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.0:600-201710301:*:*:*:*:*:*", "matchCriteriaId": "02CFAE22-37DB-4787-96FB-9E0F8EF671E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*", "matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*", "matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*", "matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*", "matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*", "matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*", "matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*", "matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*", "matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*", "matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*", "matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*", "matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*", "matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*", "matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*", "matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*", "matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*", "matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*", "matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*", "matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*", "matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*", "matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*", "matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*", "matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*", "matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*", "matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*", "matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*", "matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*", "matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*", "matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*", "matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*", "matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*", "matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client."}, {"lang": "es", "value": "El ESXi Host Client en VMware ESXi (6.5 anteriores a la ESXi650-201712103-SG, 5.5 anteriores a la ESXi600-201711103-SG y 5.5 anteriores a la ESXi550-201709102-SG) contiene una vulnerabilidad que podr\u00eda contener Cross-Site Scripting (XSS) persistente. Un atacante puede explotar esta vulnerabilidad inyectando c\u00f3digo JavaScript que podr\u00eda ejecutarse cuando otros usuarios acceden a Host Client."}], "id": "CVE-2017-4940", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-20T15:29:00.247", "references": [{"source": "security@vmware.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040024"}, {"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040024"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}