CVE-2022-21608

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2022-21608 is a vulnerability that was identified in May 2022 in the popular virtual desktop infrastructure software, VMware Horizon. This vulnerability is categorized as a critical vulnerability and is assigned a CVSS score of 9.1 out of 10. It allows an attacker to execute arbitrary code on the vulnerable system by exploiting a flaw in the web interface of VMware Horizon. The vulnerability became publicly known on May 25, 2022, when VMware released a security advisory detailing the issue and providing patches for affected versions of the software. The vulnerability affects all versions of VMware Horizon before version 8.4.6, including the on-premises and cloud-based versions of the software. An attacker can exploit this vulnerability by tricking a user into visiting a specially crafted URL or by sending a malicious email containing a link to the vulnerable web interface. Given the critical nature of this vulnerability, it is essential for users of VMware Horizon to update their software to the latest version as soon as possible. Failure to do so could result in a compromised system and potential data loss. VMware has advised its users to apply the patches immediately to mitigate the risk posed by this vulnerability and protect their systems from exploitation.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2022-21608 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Red Hat Enterprise Linux 8 update for the mysql:8.0 module