Directory Traversal Vulnerability in VMware Horizon View
CVE-2016-7087

5.3MEDIUM

Key Information:

Vendor
Vmware
Status
Horizon View
Vendor
CVE Published:
29 December 2016

Summary

A directory traversal vulnerability exists in the Connection Server of VMware Horizon View that allows remote attackers to gain unauthorized access to sensitive information. The flaw affects several versions of the software, including 5.x prior to 5.3.7, 6.x prior to 6.2.3, and 7.x prior to 7.0.1. Exploitation of this vulnerability can lead to exposure of critical data, necessitating immediate attention and remediation by users of affected versions.

References

http://www.securityfocus.com/bid/93455
vdb-entryx_refsource_BID
http://www.vmware.com/security/advisories/VMSA-2016-0015....
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036972
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.