CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-4931

HIGH
7.8
CVSS Severity Score
EPSS Score0.1000%
EPSS Percentile29.42th
Published2017年11月16日
Last Modified2026年5月13日

Vulnerability Description

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious content.

Affected Platforms (CPE)

📦
Vmware

Airwatch

>= 9.0.0 and < 9.2.0

References & Advisories

🔗 http://www.securityfocus.com/bid/101772
🔗 http://www.securitytracker.com/id/1039750
🔗 https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html
🔗 http://www.securityfocus.com/bid/101772
🔗 http://www.securitytracker.com/id/1039750
🔗 https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html

相关漏洞威胁

CVE-2018-696810.0

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code exec...

CVE-2017-49518.8

VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when acces...

CVE-2017-48958.8

Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of t...

CVE-2017-49327.8

VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the ...