VMware Horizon View Agent 6.x < 6.2.7 / 7.x < 7.5.1 Local Information Disclosure Vulnerability (VMSA-2018-0019)

Medium Nessus Plugin ID 111601

Synopsis

The remote host has a virtual desktop agent installed that is affected by an information disclosure vulnerability.

Description

The VMware Horizon View Agent installed on the remote host is 6.x prior to 6.2.7 or 7.x prior to 7.5.1. It is, therefore, affected by an information disclosure vulnerability related to the Message Framework library.

Solution

Upgrade to VMware Horizon View Agent 6.2.7, 7.5.1 or later.

See Also

https://www.vmware.com/security/advisories/VMSA-2018-0019.html

Plugin Details

Severity: Medium

ID: 111601

File Name: vmware_horizon_view_agent_VMSA-2018-0019.nasl

Version: 1.1

Type: local

Agent: windows

Family: Windows

Published: 2018/08/09

Modified: 2018/08/09

Dependencies: 63681

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: Typical information disclosure score.

CVSSv2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSSv3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/a:vmware:horizon_view_agent

Required KB Items: installed_sw/VMware View Agent

Patch Publication Date: 2018/08/07

Vulnerability Publication Date: 2018/08/07

Reference Information

CVE: CVE-2018-6970

BID: 105031

VMSA: 2018-0019

IAVA: 2018-A-0247