VYPR

Airwatch

by VMware

CVEs (6)

  • CVE-2017-4951HigJan 29, 2018
    risk 0.57cvss 8.8epss 0.01

    VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when accessing the App Catalog. An attacker may exploit this issue by tricking users into installing a malicious application on their devices.

  • CVE-2017-4931HigNov 16, 2017
    risk 0.51cvss 7.8epss 0.01

    VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which…

  • CVE-2017-4930MedNov 16, 2017
    risk 0.35cvss 5.4epss 0.01

    VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device's 'Links' page. Successful exploitation of this issue could result in an unsuspecting AWC user being redirected to a…

  • CVE-2017-4942MedDec 13, 2017
    risk 0.32cvss 4.9epss 0.02

    VMware AirWatch Console (AWC) contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administrator.

  • CVE-2017-4896LowMay 10, 2017
    risk 0.25cvss 3.8epss 0.00

    Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. Successful exploitation of this issue may result in an unauthorized disclosure of confidential data.

  • CVE-2014-8372Dec 11, 2014
    risk 0.00cvss epss 0.01

    AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 (FP3) allows remote authenticated users to obtain the organizational information and statistics from arbitrary tenants via vectors involving a direct object reference.