CVE-2022-22908

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
VendorProductVersion
sangforvdi_client
5.4.2.1006
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/NF-Security-Team/CVEs/tree/main/CVE-2022-22908
https://github.com/NF-Security-Team/CVEs/tree/main/CVE-2022-22908