CVE-2022-21608

Vulnerability updated 7 days ago (2024-11-29T14:12:08.506Z)
Download STIX
Preview STIX
CVE-2022-21608 is a vulnerability that was identified in May 2022 in the popular virtual desktop infrastructure software, VMware Horizon. This vulnerability is categorized as a critical vulnerability and is assigned a CVSS score of 9.1 out of 10. It allows an attacker to execute arbitrary code on the vulnerable system by exploiting a flaw in the web interface of VMware Horizon. The vulnerability became publicly known on May 25, 2022, when VMware released a security advisory detailing the issue and providing patches for affected versions of the software. The vulnerability affects all versions of VMware Horizon before version 8.4.6, including the on-premises and cloud-based versions of the software. An attacker can exploit this vulnerability by tricking a user into visiting a specially crafted URL or by sending a malicious email containing a link to the vulnerable web interface. Given the critical nature of this vulnerability, it is essential for users of VMware Horizon to update their software to the latest version as soon as possible. Failure to do so could result in a compromised system and potential data loss. VMware has advised its users to apply the patches immediately to mitigate the risk posed by this vulnerability and protect their systems from exploitation.
Description last updated: 2023-06-23T12:21:52.486Z
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the CVE-2022-21608 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
2 years ago