CVE-2022-22983 — MEDIUM (5.9)

Q: How severe is CVE-2022-22983?

CVE-2022-22983 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-22983?

Check the references section above for vendor advisories and patch information. Affected products include: Vmware Workstation.

Vulnerability Description

VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Vmware	Workstation	>= 16.0.0, < 16.2.4

Related Weaknesses (CWE)

CWE-522

References

https://www.vmware.com/security/advisories/VMSA-2022-0023.htmlPatchVendor Advisory
https://www.vmware.com/security/advisories/VMSA-2022-0023.htmlPatchVendor Advisory

FAQ

What is CVE-2022-22983?

CVE-2022-22983 is a vulnerability with a CVSS score of 5.9 (MEDIUM). VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. A malicious actor with local user privileges to the victim machine may exploit this vulnerabilit...

How severe is CVE-2022-22983?

CVE-2022-22983 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22983?

Check the references section above for vendor advisories and patch information. Affected products include: Vmware Workstation.