Information Disclosure Vulnerability in VMware Horizon Client for Windows

Information Disclosure Vulnerability in VMware Horizon Client for Windows

CVE-2020-3998 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes.

Learn more about our Web Application Penetration Testing UK.