Refine your search
2 vulnerabilities found for AirWatch Agent by VMware
CVE-2018-6968 (GCVE-0-2018-6968)
Vulnerability from cvelistv5
Published
2018-06-11 22:00
Modified
2024-09-16 20:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution
Summary
The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | AirWatch Agent |
Version: AirWatch Agent for Android prior to 8.2 Version: AirWatch Agent for Windows Mobile prior to 6.5.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
},
{
"name": "104441",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104441"
},
{
"name": "1041060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AirWatch Agent",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "AirWatch Agent for Android prior to 8.2"
},
{
"status": "affected",
"version": "AirWatch Agent for Windows Mobile prior to 6.5.2"
}
]
}
],
"datePublic": "2018-06-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-14T09:57:01.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
},
{
"name": "104441",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104441"
},
{
"name": "1041060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2018-06-11T00:00:00",
"ID": "CVE-2018-6968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AirWatch Agent",
"version": {
"version_data": [
{
"version_value": "AirWatch Agent for Android prior to 8.2"
},
{
"version_value": "AirWatch Agent for Windows Mobile prior to 6.5.2"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
},
{
"name": "104441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104441"
},
{
"name": "1041060",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2018-6968",
"datePublished": "2018-06-11T22:00:00.000Z",
"dateReserved": "2018-02-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:58:09.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4895 (GCVE-0-2017-4895)
Vulnerability from cvelistv5
Published
2017-05-10 14:00
Modified
2024-08-05 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Root detection bypass
Summary
Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Airwatch Agent |
Version: x.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
},
{
"name": "95892",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95892"
},
{
"name": "1037738",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037738"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Airwatch Agent",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "x.x"
}
]
}
],
"datePublic": "2017-01-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Root detection bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-24T12:57:01.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
},
{
"name": "95892",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95892"
},
{
"name": "1037738",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037738"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2017-4895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Airwatch Agent",
"version": {
"version_data": [
{
"version_value": "x.x"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Root detection bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
},
{
"name": "95892",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95892"
},
{
"name": "1037738",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037738"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4895",
"datePublished": "2017-05-10T14:00:00.000Z",
"dateReserved": "2016-12-26T00:00:00.000Z",
"dateUpdated": "2024-08-05T14:39:41.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}