Home / Early Warning / Vulnerabilidades / CVE-2020-3998

CVE-2020-3998

Type: 
Unavailable / Other
Severity: 
Medium
Publication date: 
10/23/2020
Last modified: 
10/30/2020
Description
VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes.
Impact
Access Vector: Through network
Access Complexity: Low
Authentication: Requires a single instance to exploit
Impact Type: No impact on system integrity + Partially affects on system confidentiality + No impact on system availability
Vulnerable software and versions
  • cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  • cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields