| Vulnerability Name: | CVE-2016-7087 (CCN-117563) | ||||||||||||
| Assigned: | 2016-10-06 | ||||||||||||
| Published: | 2016-10-06 | ||||||||||||
| Updated: | 2017-07-30 | ||||||||||||
| Summary: | Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors. | ||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) 4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-22 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2016-7087 Source: BID Type: Third Party Advisory, VDB Entry 93455 Source: SECTRACK Type: UNKNOWN 1036972 Source: CCN Type: VMware Security Advisory VMSA-2016-0015 VMware Horizon View updates address directory traversal vulnerability Source: CONFIRM Type: Patch, Vendor Advisory http://www.vmware.com/security/advisories/VMSA-2016-0015.html Source: XF Type: UNKNOWN vmware-horizon-cve20167087-dir-trav(117563) Source: CCN Type: ZDI-16-531 VMware Horizon View loggerBean Directory Traversal Information Disclosure Vulnerability | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||