{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T18:47:04.204","vulnerabilities":[{"cve":{"id":"CVE-2021-21989","sourceIdentifier":"security@vmware.com","published":"2021-05-24T12:15:07.597","lastModified":"2024-11-21T05:49:23.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed."},{"lang":"es","value":"VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client para Windows (versiones 5.x anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (TTC Parser). Un actor malicioso con acceso a una máquina virtual o un escritorio remoto puede ser capaz de explotar estos problemas conllevando a una divulgación de información del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.0,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.1.2","matchCriteriaId":"305568EF-0FA2-49A5-8136-26AC93E48CFF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:horizon_client:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.5.2","matchCriteriaId":"3637162B-7B0D-40DE-83CD-E3CCB0858B08"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2021-0009.html","source":"security@vmware.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-610/","source":"security@vmware.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.vmware.com/security/advisories/VMSA-2021-0009.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-21-610/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}