CVE-2018-6964

3 documents3 sources

Severity

7.8HIGH

EPSS

0.0%

top 85.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Horizon Client Vmware Horizon Client FOR Linux

Timeline

PublishedMay 29

Latest updateMay 13

Description

VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5vmware/horizon_client_for_linux4.x before 4.8.0 and prior

▶NVDvmware/horizon_client4.0.0 — 4.8.0

🔴Vulnerability Details

GHSA

GHSA-w5gh-72fc-wfgf: VMware Horizon Client for Linux (4↗2022-05-13

▶

CVEList

CVE-2018-6964: VMware Horizon Client for Linux (4↗2018-05-29

▶