Broken Authentication Issue in VMware Horizon DaaS
CVE-2018-6960
8.8HIGH
What is CVE-2018-6960?
VMware Horizon DaaS versions 7.x before 8.0.0 are susceptible to a broken authentication vulnerability. This flaw may allow an authenticated user to effectively bypass two-factor authentication mechanisms. To exploit this issue, an attacker must already possess a legitimate user account on the Horizon DaaS platform, making it crucial for users to review their authentication protocols and access controls.
Affected Version(s)
Horizon DaaS 7.x before 8.0.0