CVE-2017-4930

Summary

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device's 'Links' page. Successful exploitation of this issue could result in an unsuspecting AWC user being redirected to a malicious URL.

Affected Software

VendorProductVersion RangeStatus
VMwareVMware AirWatch Console (AWC)9.x before 9.2.0affected

Weaknesses

  • Stored XSS vulnerability

ADP Enrichment

CVE Program Container

Additional References

References