Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Session Hijack Vulnerability in Deprecated EAP Browser Plugin
Vulnerability Description
Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a malicious actor with unprivileged local access to a windows operating system can hijack a privileged EAP session when initiated by a privileged domain user on the same system.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
会话固定
Vulnerability Title
VMware Enhanced Authentication Plug-in 安全漏洞
Vulnerability Description
VMware Enhanced Authentication Plug-in是美国威睿(VMware)公司的VMware Horizon 客户端的一部分,用于提供额外的身份验证层,以增强对 VMware Horizon 虚拟桌面和应用程序的访问的安全性。 VMware Enhanced Authentication Plug-in 存在安全漏洞,该漏洞源于存在会话劫持漏洞,可能允许对Windows操作系统具有非特权本地访问权限的攻击者劫持特权会话。
CVSS Information
N/A
Vulnerability Type
N/A