exploitDog

CVE-2022-22908

Опубликовано: 26 фев. 2022

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields.

Ссылки

https://github.com/NF-Security-Team/CVEs/tree/main/CVE-2022-22908
Exploit
Third Party Advisory
https://github.com/NF-Security-Team/CVEs/tree/main/CVE-2022-22908
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sangfor:vdi_client:5.4.2.1006:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00052

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-522

Связанные уязвимости

GHSA-cvwc-5rxf-47fv

github

почти 4 года назад

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields.

EPSS

Процентиль: 16%

0.00052

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-522