Lucene search
+L
VmwareAirwatch

4 matches found

cve
cve
added 2014/12/11 3:0 p.m.61 views

CVE-2014-8372

Affected product: AirWatch by VMware On-Premise 7.3.x (prior to 7.3.3.0 FP3). Issue: Direct object reference enables remote authenticated users to view organizational information and statistics of other tenants. This is an information disclosure vulnerability in multi-tenant deployments. Root cau...

4CVSS6.2AI score0.00937EPSS
cve
cve
added 2018/01/29 4:0 p.m.60 views

CVE-2017-4951

The CVE-2017-4951 CSRF flaw affects VMware AirWatch Console in versions 9.2.x before 9.2.2 and 9.1.x before 9.1.5, caused by a user-input validation issue that enables cross-site request forgery when accessing the App Catalog. An attacker could lure an authenticated user into installing a malicio...

8.8CVSS8.6AI score0.00832EPSS
cve
cve
added 2017/11/16 9:0 p.m.58 views

CVE-2017-4930

CVE-2017-4930 affects VMware AirWatch Console 9.x before 9.2.0. An authenticated AWC user can inject a malicious URL into an enrolled device’s ‘Links’ page, leading to a redirected user. Root cause: stored XSS in the Links feature. Remediation: upgrade to AirWatch Console 9.2.0 or later (as per V...

5.4CVSS5.8AI score0.00902EPSS
cve
cve
added 2017/11/16 9:0 p.m.50 views

CVE-2017-4931

CVE-2017-4931 affects VMware AirWatch Console 9.x before 9.2.0. An authenticated AWC user can add malicious data to an enrolled device’s log files, potentially causing a user to open a CSV containing malicious content. The issue is mitigated by upgrading to AirWatch Console 9.2.0 or later (update...

7.8CVSS7.3AI score0.01259EPSS