VYPR
High severity8.8NVD Advisory· Published Apr 20, 2018· Updated Jun 17, 2026

CVE-2018-6960

CVE-2018-6960

Description

VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

Affected products

2
  • VMware/Horizon Daasllm-fuzzy2 versions
    >=7.0.0, <8.0.0+ 1 more
    • (no CPE)range: >=7.0.0, <8.0.0
    • (no CPE)range: 7.x before 8.0.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.