CVE-2017-4907
Published Jun 8, 2017
Last updated 7 years ago
Overview
- Description
- VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.
- Source
- security@vmware.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "370FCB86-72ED-47AB-A414-A12E6C970BE6"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "67EA006A-76A5-489E-BD3E-FAFC00AB63C0"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75798329-EAC2-4B6F-A943-9EB6F01B5145"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0DEE3EA-30C8-4653-96B3-17D9F66AFDA2"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4C7C278-5A1D-41A3-AEFB-10AA859DEF15"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "155B09B1-D94A-42C6-89DE-76180968C5D2"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32840997-8DA1-481A-BC2B-6A5D3335826D"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5252980E-77DE-41C9-B829-775BB929FB30"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:6.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AB3A1FE-4DB8-4536-B94F-21C4560D7BC1"
},
{
"criteria": "cpe:2.3:a:vmware:horizon_view:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA685CC7-AD8E-4EB6-A6B7-46F126BDE92E"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:unified_access_gateway:2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14D2DF40-13F6-4A11-B96B-002039F16C0E"
},
{
"criteria": "cpe:2.3:a:vmware:unified_access_gateway:2.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE4B7AA9-E5F1-4388-A083-D1817EE8FA51"
},
{
"criteria": "cpe:2.3:a:vmware:unified_access_gateway:2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3EAAC0B8-C653-40F3-B2E9-7C5DED57E81D"
},
{
"criteria": "cpe:2.3:a:vmware:unified_access_gateway:2.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5AFC21D-88E4-4AF0-9DA2-17DCBEE12D85"
},
{
"criteria": "cpe:2.3:a:vmware:unified_access_gateway:2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C68F416E-BD1C-4D9F-B3E9-BB05EB421216"
}
],
"operator": "OR"
}
]
}
]