Lucene search

[email protected]CVE-2022-22983

HistoryAug 10, 2022 - 8:15 p.m.

CVE-2022-22983

2022-08-1020:15:00

CWE-522

[email protected]

web.nvd.nist.gov

vmware

workstation

security

vulnerability

cve-2022-22983

nvd

5.9 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

1.5 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation.

CPENameOperatorVersion
vmware:workstationvmware workstationlt16.2.4

CPE	Name	Operator	Version
vmware:workstation	vmware workstation	lt	16.2.4

References

www.vmware.com/security/advisories/VMSA-2022-0023.html

Social References

5.9 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

1.5 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:S/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2022-22983

nessus1 prion1 kaspersky1 vmware1