CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-6960

VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.045

EPSS Ranking 88.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

http://www.securityfocus.com/bid/103938
http://www.securitytracker.com/id/1040731
https://www.vmware.com/security/advisories/VMSA-2018-0010.html
http://www.securityfocus.com/bid/103938
http://www.securitytracker.com/id/1040731
https://www.vmware.com/security/advisories/VMSA-2018-0010.html

Products affected by CVE-2018-6960

Vmware » Horizon Daas » Version: 7.0.0

cpe:2.3:a:vmware:horizon_daas:7.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6960

Products

Pricing

Contact Us