CVE-2017-4951

Summary

VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when accessing the App Catalog. An attacker may exploit this issue by tricking users into installing a malicious application on their devices.

Affected Software

VendorProductVersion RangeStatus
VMwareAirWatch Console9.2.x before 9.2.2affected
VMwareAirWatch Console9.1.x before 9.1.5affected

Weaknesses

  • Cross Site Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References