Back to search
CVE-2017-4897
Published: May 31, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitation of this vulnerability requires a victim to download a specially crafted RDP file through DaaS client by clicking on a malicious link.
| Vendor | Product | Versions |
|---|---|---|
VMware | Horizon DaaS | affected prior to 7.0.0 |
References
1037951
vdb-entry
x_refsource_SECTRACK
96559
vdb-entry
x_refsource_BID
http://www.vmware.com/security/advisories/VMSA-2017-0002.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now