CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vmware: >> Horizon Daas >> 6.1.6 Security Vulnerabilities

CVE-2017-4897

VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitation of this vulnerability requires a victim to download a specially crafted RDP file through DaaS client by clicking on a malicious link.

CVSS Score

5.5

EPSS Score

0.001

Published

2017-05-31

Page 1

Vulnerabilities

Vulnerable Software

Vmware: >> Horizon Daas >> 6.1.6 Security Vulnerabilities

Products

Pricing

Contact Us