CVE-2017-4931

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious content.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
vmwareairwatch
9.0.0 ≤
𝑥
< 9.2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/101772
http://www.securitytracker.com/id/1039750
https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html
http://www.securityfocus.com/bid/101772
http://www.securitytracker.com/id/1039750
https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html