3a. Advisory Details
VMware App Volumes does not correctly validate user input when creating and editing applications or creating storage groups. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.5.
CPE | Name | Operator | Version |
---|---|---|---|
app volumes | lt | 2.18.6 | |
app volumes | lt | 2006 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3975
docs.vmware.com/en/VMware-App-Volumes/2.18.6/rn/VMware-App-Volumes-2186-Release-Notes.html
docs.vmware.com/en/VMware-App-Volumes/2006/rn/VMware-App-Volumes-4-version-2006.html
my.vmware.com/web/vmware/downloads/info/slug/desktop_end_user_computing/vmware_app_volumes/2_x
my.vmware.com/web/vmware/downloads/info/slug/desktop_end_user_computing/vmware_app_volumes/4_x
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N