Airwatch Console Security Vulnerabilities
The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass...
7.4CVSS
7.3AI Score
0.001EPSS
VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when accessing the App Catalog. An attacker may exploit this issue by tricking users into installing a malicious application on their...
8.8CVSS
8.6AI Score
0.003EPSS
VMware AirWatch Console (AWC) contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized...
4.9CVSS
5AI Score
0.001EPSS
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious...
7.8CVSS
7.3AI Score
0.001EPSS
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device's 'Links' page. Successful exploitation of this issue could result in an unsuspecting AWC user being redirected to a malicious...
5.4CVSS
5.8AI Score
0.001EPSS
Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. Successful exploitation of this issue may result in an unauthorized disclosure of confidential...
3.8CVSS
5AI Score
0.001EPSS