VMwareVMSA-2017-0020VMware AirWatch Console updates address Broken Access Control vulnerability.
EPSS
Percentile
41.8%
VMware AirWatch Console (AWC) Broken Access Control
VMware AirWatch Console (AWC) contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administrator.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4942 to this issue.
Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
References
kb.vmware.com/kb/2078735
lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4942
www.vmware.com/security/advisories
blogs.vmware.com/security
kb.vmware.com/kb/1055
support.air-watch.com/articles/115015625647
support.air-watch.com/articles/115015676547
twitter.com/VMwareSRC
www.air-watch.com/en/about/contact-us
www.vmware.com/support/policies/lifecycle.html
www.vmware.com/support/policies/security_response.html
Related
