CVE-2019-5543
Summary
| CVE | CVE-2019-5543 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-03-16 18:15:00 UTC |
| Updated | 2020-03-20 14:16:00 UTC |
| Description | For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. A local user on the system where the software is installed may exploit this issue to run commands as any user. |
Risk And Classification
Problem Types: CWE-732
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows | - | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
| Application | Vmware | Horizon Client | All | All | All | All |
| Application | Vmware | Horizon Client | All | All | All | All |
| Application | Vmware | Remote Console | All | All | All | All |
| Application | Vmware | Remote Console | All | All | All | All |
| Application | Vmware | Workstation | All | All | All | All |
| Application | Vmware | Workstation | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| VMSA-2020-0004.1 | CONFIRM | www.vmware.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.