VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.
Conclusion & alert: CVE-2018-6982 is rated Low Risk (38.6/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.45%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.34% | 0.45% | +0.12% |
| 2 | 2026-03-04 | 0.13% | 0.34% | +0.20% |
| 3 | 2026-03-01 | — | 0.13% | — |
Full EPSS history (39 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.5 | 3.1 | MEDIUM |
|
2.0 | 4.0 | [email protected] |
| 4.9 | 2.0 | MEDIUM |
|
3.9 | 6.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| vmware | workstation | >= 14.0.0, < 14.1.4 | cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:* |
| vmware | workstation | 15.0.0 | cpe:2.3:a:vmware:workstation:15.0.0:*:*:*:*:*:*:* |
| vmware | fusion | >= 10.0.0, < 10.1.4 | cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:* |
| vmware | fusion | 11.0.0 | cpe:2.3:a:vmware:fusion:11.0.0:*:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:-:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:1:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:1a:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:1b:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:2:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:3:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:3a:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201504401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201505401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507101:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507102:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507402:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507403:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507404:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507405:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507406:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201507407:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509101:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509102:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509201:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509202:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509203:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509204:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509205:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509206:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509207:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509208:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509209:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201509210:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201510401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201511401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201601101:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201601102:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201601401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201601402:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201601403:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201601404:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201601405:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201602401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603101:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603102:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603201:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603202:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603203:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603204:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603205:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603206:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603207:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201603208:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201605401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201608101:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201608401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201608402:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201608403:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201608404:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201608405:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201610410:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201611401:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201611402:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201611403:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702101:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702102:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702201:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702202:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702203:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702204:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702205:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702206:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702207:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702208:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702209:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702210:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702211:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201702212:*:*:*:*:*:* |
| vmware | esxi | 6.0 | cpe:2.3:o:vmware:esxi:6.0:600-201703401:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105882 | Third Party Advisory VDB Entry |
| http://www.securitytracker.com/id/1042055 | Third Party Advisory VDB Entry |
| https://www.vmware.com/security/advisories/VMSA-2018-0027.html | Vendor Advisory |