CVE-2018-6964
First published: Tue May 29 2018(Updated: )
VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vmware Horizon Client | >=4.0.0<4.8.0 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-6964.
What is the severity of CVE-2018-6964?
The severity of CVE-2018-6964 is high with a severity value of 7.8.
What is the affected software?
The affected software is VMware Horizon Client for Linux (4.x before 4.8.0 and prior).
What is the risk of this vulnerability?
The risk of this vulnerability is a local privilege escalation.
How can the vulnerability be exploited?
The vulnerability can be exploited by unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed.
- collector/nvd-index
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/vmware
- canonical/vmware horizon client
- version/vmware horizon client/4.0.0
- vendor/linux
- canonical/linux linux kernel