Authenticated User URL Redirection Vulnerability in VMware AirWatch Console 9.x

Authenticated User URL Redirection Vulnerability in VMware AirWatch Console 9.x

CVE-2017-4930 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device's 'Links' page. Successful exploitation of this issue could result in an unsuspecting AWC user being redirected to a malicious URL.

Learn more about our User Device Pen Test.