Information Disclosure Vulnerability in Sangfor VDI Client 5.4.2.1006

Information Disclosure Vulnerability in Sangfor VDI Client 5.4.2.1006

CVE-2022-22908 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields.

Learn more about our User Device Pen Test.