CVE-2021-21988 - OpenCVE

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Vmware	Horizon Client Workstation

Configuration 1 [-]

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.vmware.com/security/advisories/VMSA-2021-0009.html
https://www.zerodayinitiative.com/advisories/ZDI-21-609/

History

No history.

MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2021-05-24T11:35:00

Updated: 2024-08-03T18:30:23.700Z

Reserved: 2021-01-04T00:00:00

Link: CVE-2021-21988

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-05-24T12:15:07.563

Modified: 2021-06-04T19:37:58.443

Link: CVE-2021-21988

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "VMware Workstation Pro / Player (Workstation), VMware Horizon Client for Windows", "vendor": "n/a", "versions": [{"status": "affected", "version": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2)"}]}], "descriptions": [{"lang": "en", "value": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed."}], "problemTypes": [{"descriptions": [{"description": "Out-of-bounds read vulnerability in Cortado ThinPrint", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-05-25T17:06:08", "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@vmware.com", "ID": "CVE-2021-21988", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "VMware Workstation Pro / Player (Workstation), VMware Horizon Client for Windows", "version": {"version_data": [{"version_value": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2)"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Out-of-bounds read vulnerability in Cortado ThinPrint"}]}]}, "references": {"reference_data": [{"name": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html", "refsource": "MISC", "url": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:30:23.700Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/"}]}]}, "cveMetadata": {"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "cveId": "CVE-2021-21988", "datePublished": "2021-05-24T11:35:00", "dateReserved": "2021-01-04T00:00:00", "dateUpdated": "2024-08-03T18:30:23.700Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*", "matchCriteriaId": "305568EF-0FA2-49A5-8136-26AC93E48CFF", "versionEndExcluding": "16.1.2", "versionStartIncluding": "16.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "3637162B-7B0D-40DE-83CD-E3CCB0858B08", "versionEndExcluding": "5.5.2", "versionStartIncluding": "5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed."}, {"lang": "es", "value": "VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client para Windows (versiones 5.x anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de l\u00edmites en el componente Cortado ThinPrint (JPEG2000 Parser). Un actor malicioso con acceso a una m\u00e1quina virtual o escritorio remoto puede explotar estos problemas que conllevan a una divulgaci\u00f3n de informaci\u00f3n del proceso TPView que se ejecuta en el sistema donde est\u00e1 instalado Workstation o Horizon Client para Windows"}], "id": "CVE-2021-21988", "lastModified": "2021-06-04T19:37:58.443", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-05-24T12:15:07.563", "references": [{"source": "security@vmware.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.vmware.com/security/advisories/VMSA-2021-0009.html"}, {"source": "security@vmware.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-609/"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}