CyberSec.Space Logo
Back to CVE Browser

CVE-2017-4930

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.1680%
EPSS Percentile22.58th
PublishedNov 16, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device's 'Links' page. Successful exploitation of this issue could result in an unsuspecting AWC user being redirected to a malicious URL.

Affected Platforms (CPE)

πŸ“¦
Vmware

Airwatch

>= 9.0.0 and < 9.2.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/101772
πŸ”— http://www.securitytracker.com/id/1039750
πŸ”— https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html
πŸ”— http://www.securityfocus.com/bid/101772
πŸ”— http://www.securitytracker.com/id/1039750
πŸ”— https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html

Related Vulnerabilities

CVE-2018-696810.0

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code exec...

CVE-2017-49518.8

VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when acces...

CVE-2017-48958.8

Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of t...

CVE-2017-49327.8

VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the ...