QID 376853

Date Published: 2022-08-24

QID 376853: VMware Workstation Unprotected Storage of Credentials Vulnerability (VMSA-2022-0023)

VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems.

Affected Versions:
VMware Workstation Pro 16.x prior to 16.2.4

QID Detection Logic (Authenticated):
This QID checks for vulnerable versions of Workstation exe file.

A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation.

  • CVSS V3 rated as Medium - 5.9 severity.
  • CVSS V2 rated as Medium - 4.6 severity.
  • Solution
    Vmware has released patch for VMware Workstation

    Refer to VMware advisory VMSA-2022-0023 for more information.

    CVEs related to QID 376853

    Software Advisories
    Advisory ID Software Component Link
    VMSA-2022-0023 URL Logo www.vmware.com/security/advisories/VMSA-2022-0023.html