CyberSec.Space Logo
Back to CVE Browser

CVE-2017-4931

HIGH
7.8
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile29.42th
PublishedNov 16, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious content.

Affected Platforms (CPE)

πŸ“¦
Vmware

Airwatch

>= 9.0.0 and < 9.2.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/101772
πŸ”— http://www.securitytracker.com/id/1039750
πŸ”— https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html
πŸ”— http://www.securityfocus.com/bid/101772
πŸ”— http://www.securitytracker.com/id/1039750
πŸ”— https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html

Related Vulnerabilities

CVE-2018-696810.0

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code exec...

CVE-2017-49518.8

VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when acces...

CVE-2017-48958.8

Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of t...

CVE-2017-49327.8

VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the ...