6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
11.8%
3. Denial-of-service vulnerability via Cortado ThinPrint (CVE-2022-22938)
VMware Workstation and Horizon Client for Windows contains a denial-of-service vulnerability in the Cortado ThinPrint component. The issue exists in the TrueType font parser. VMware has evaluated the severity of the issue to be in the Moderate severity range with a CVSSv3 base score of 4.0.
CPE | Name | Operator | Version |
---|---|---|---|
workstation | lt | 16.2.2 | |
horizon client for windows | lt | 5.5.3 |
customerconnect.vmware.com/downloads/details?downloadGroup=WKST-1622-WIN&productId=1038&rPId=82543
customerconnect.vmware.com/en/downloads/details?downloadGroup=CART23FQ1_WIN_553&productId=863&rPId=83368
customerconnect.vmware.com/en/downloads/details?downloadGroup=WKST-PLAYER-1622&productId=1039&rPId=82555
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22938
docs.vmware.com/en/VMware-Horizon-Client-for-Windows/5.5.3/rn/VMware-Horizon-Client-for-Windows-553-Release-Notes.html
docs.vmware.com/en/VMware-Workstation-Player/16.2.2/rn/VMware-Workstation-1622-Player-Release-Notes.html
docs.vmware.com/en/VMware-Workstation-Pro/16.2.2/rn/VMware-Workstation-1622-Pro-Release-Notes.html
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
11.8%