Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for AirWatch Agent by VMware

    CVE-2018-6968 (GCVE-0-2018-6968)

    Vulnerability from nvd – Published: 2018-06-11 22:00 – Updated: 2024-09-16 20:58
    VLAI
    Summary
    The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.vmware.com/security/advisories/VMSA-20… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/104441 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1041060 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    VMware AirWatch Agent Affected: AirWatch Agent for Android prior to 8.2
    Affected: AirWatch Agent for Windows Mobile prior to 6.5.2
    Create a notification for this product.
    Date Public
    2018-06-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:17:17.493Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
              },
              {
                "name": "104441",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/104441"
              },
              {
                "name": "1041060",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041060"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "AirWatch Agent",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "AirWatch Agent for Android prior to 8.2"
                },
                {
                  "status": "affected",
                  "version": "AirWatch Agent for Windows Mobile prior to 6.5.2"
                }
              ]
            }
          ],
          "datePublic": "2018-06-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-06-14T09:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
            },
            {
              "name": "104441",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/104441"
            },
            {
              "name": "1041060",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041060"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "DATE_PUBLIC": "2018-06-11T00:00:00",
              "ID": "CVE-2018-6968",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "AirWatch Agent",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "AirWatch Agent for Android prior to 8.2"
                              },
                              {
                                "version_value": "AirWatch Agent for Windows Mobile prior to 6.5.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
                },
                {
                  "name": "104441",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/104441"
                },
                {
                  "name": "1041060",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041060"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2018-6968",
        "datePublished": "2018-06-11T22:00:00.000Z",
        "dateReserved": "2018-02-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:58:09.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-4895 (GCVE-0-2017-4895)

    Vulnerability from nvd – Published: 2017-05-10 14:00 – Updated: 2024-08-05 14:39
    VLAI
    Summary
    Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data.
    Severity
    No CVSS data available.
    CWE
    • Root detection bypass
    Assigner
    References
    URL Tags
    http://www.vmware.com/us/security/advisories/VMSA… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/95892 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037738 vdb-entryx_refsource_SECTRACK
    Impacted products
    Date Public
    2017-01-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:39:41.484Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
              },
              {
                "name": "95892",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95892"
              },
              {
                "name": "1037738",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037738"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Airwatch Agent",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "x.x"
                }
              ]
            }
          ],
          "datePublic": "2017-01-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Root detection bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-24T12:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
            },
            {
              "name": "95892",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95892"
            },
            {
              "name": "1037738",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037738"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "ID": "CVE-2017-4895",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Airwatch Agent",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "x.x"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Root detection bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
                },
                {
                  "name": "95892",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95892"
                },
                {
                  "name": "1037738",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037738"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2017-4895",
        "datePublished": "2017-05-10T14:00:00.000Z",
        "dateReserved": "2016-12-26T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:39:41.484Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6968 (GCVE-0-2018-6968)

    Vulnerability from cvelistv5 – Published: 2018-06-11 22:00 – Updated: 2024-09-16 20:58
    VLAI
    Summary
    The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.
    Severity
    No CVSS data available.
    CWE
    • Remote Code Execution
    Assigner
    References
    URL Tags
    http://www.vmware.com/security/advisories/VMSA-20… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/104441 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1041060 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    VMware AirWatch Agent Affected: AirWatch Agent for Android prior to 8.2
    Affected: AirWatch Agent for Windows Mobile prior to 6.5.2
    Create a notification for this product.
    Date Public
    2018-06-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:17:17.493Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
              },
              {
                "name": "104441",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/104441"
              },
              {
                "name": "1041060",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041060"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "AirWatch Agent",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "AirWatch Agent for Android prior to 8.2"
                },
                {
                  "status": "affected",
                  "version": "AirWatch Agent for Windows Mobile prior to 6.5.2"
                }
              ]
            }
          ],
          "datePublic": "2018-06-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Code Execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-06-14T09:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
            },
            {
              "name": "104441",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/104441"
            },
            {
              "name": "1041060",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041060"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "DATE_PUBLIC": "2018-06-11T00:00:00",
              "ID": "CVE-2018-6968",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "AirWatch Agent",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "AirWatch Agent for Android prior to 8.2"
                              },
                              {
                                "version_value": "AirWatch Agent for Windows Mobile prior to 6.5.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Code Execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
                },
                {
                  "name": "104441",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/104441"
                },
                {
                  "name": "1041060",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041060"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2018-6968",
        "datePublished": "2018-06-11T22:00:00.000Z",
        "dateReserved": "2018-02-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:58:09.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-4895 (GCVE-0-2017-4895)

    Vulnerability from cvelistv5 – Published: 2017-05-10 14:00 – Updated: 2024-08-05 14:39
    VLAI
    Summary
    Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data.
    Severity
    No CVSS data available.
    CWE
    • Root detection bypass
    Assigner
    References
    URL Tags
    http://www.vmware.com/us/security/advisories/VMSA… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/95892 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id/1037738 vdb-entryx_refsource_SECTRACK
    Impacted products
    Date Public
    2017-01-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T14:39:41.484Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
              },
              {
                "name": "95892",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95892"
              },
              {
                "name": "1037738",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037738"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Airwatch Agent",
              "vendor": "VMware",
              "versions": [
                {
                  "status": "affected",
                  "version": "x.x"
                }
              ]
            }
          ],
          "datePublic": "2017-01-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Root detection bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-24T12:57:01.000Z",
            "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
            "shortName": "vmware"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
            },
            {
              "name": "95892",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95892"
            },
            {
              "name": "1037738",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037738"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@vmware.com",
              "ID": "CVE-2017-4895",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Airwatch Agent",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "x.x"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "VMware"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Root detection bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.vmware.com/us/security/advisories/VMSA-2017-0001.html"
                },
                {
                  "name": "95892",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95892"
                },
                {
                  "name": "1037738",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037738"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "assignerShortName": "vmware",
        "cveId": "CVE-2017-4895",
        "datePublished": "2017-05-10T14:00:00.000Z",
        "dateReserved": "2016-12-26T00:00:00.000Z",
        "dateUpdated": "2024-08-05T14:39:41.484Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }