CVE-2022-22983

VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. A malicious actor with local user privileges to the victim machine may exploit this vulnerability leading to the disclosure of user passwords of the remote server connected through VMware Workstation.

Published: Aug 10, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-22983
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.9
AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

CWEs:

CWE-522

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
vmware / workstation	16.0.0	16.2.4

https://www.vmware.com/security/advisories/VMSA-2022-0023.html

Vulnerability Database

289,599

CVE-2022-22983