VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when accessing the App Catalog. An attacker may exploit this issue by tricking users into installing a malicious application on their devices.
[
{
"product": "AirWatch Console",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "9.2.x before 9.2.2"
},
{
"status": "affected",
"version": "9.1.x before 9.1.5"
}
]
}
]