CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6979 – VMware Security Advisory 2018-0024
https://notcve.org/view.php?id=CVE-2018-6979
04 Oct 2018 — The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based authentication is enabled. This vulnerability i... • http://www.securitytracker.com/id/1041808 •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-4942
https://notcve.org/view.php?id=CVE-2017-4942
13 Dec 2017 — VMware AirWatch Console (AWC) contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administrator. VMware AirWatch Console (AWC) contiene una vulnerabilidad de control de acceso roto. La explotación con éxito de este problema podría desembocar en la revelación de detalles del dispositivo del usuario final a un administrador no autorizado. • http://www.securityfocus.com/bid/102171 •