Design/Logic Flaw

2017-11-1621:29:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.2%

JSON

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device’s log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious content.

CPENameOperatorVersion
airwatchge9.0.0
airwatchlt9.2.0

CPE	Name	Operator	Version
	airwatch	ge	9.0.0
	airwatch	lt	9.2.0

References

www.securityfocus.com/bid/101772

www.securitytracker.com/id/1039750

www.vmware.com/us/security/advisories/VMSA-2017-0016.html