CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-4951

VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when accessing the App Catalog. An attacker may exploit this issue by tricking users into installing a malicious application on their devices.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

Products affected by CVE-2017-4951

Vmware » Airwatch » Version: 9.1

cpe:2.3:a:vmware:airwatch:9.1
Vmware » Airwatch » Version: 9.1.1

cpe:2.3:a:vmware:airwatch:9.1.1
Vmware » Airwatch » Version: 9.1.2

cpe:2.3:a:vmware:airwatch:9.1.2
Vmware » Airwatch » Version: 9.1.3

cpe:2.3:a:vmware:airwatch:9.1.3
Vmware » Airwatch » Version: 9.1.4

cpe:2.3:a:vmware:airwatch:9.1.4
Vmware » Airwatch » Version: 9.2

cpe:2.3:a:vmware:airwatch:9.2
Vmware » Airwatch » Version: 9.2.0

cpe:2.3:a:vmware:airwatch:9.2.0
Vmware » Airwatch » Version: 9.2.1

cpe:2.3:a:vmware:airwatch:9.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-4951

Products

Pricing

Contact Us