URL Redirection Vulnerability in VMware AirWatch Console
CVE-2017-4930
5.4MEDIUM
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 16 November 2017
What is CVE-2017-4930?
The VMware AirWatch Console 9.x prior to version 9.2.0 is susceptible to a URL redirection vulnerability, allowing an authenticated AWC user to insert a malicious URL into the device's 'Links' page. If exploited, this can redirect unsuspecting users to harmful websites, which may lead to phishing attacks or malicious downloads.
Affected Version(s)
VMware AirWatch Console (AWC) 9.x before 9.2.0