CVE-2017-4907
Last modified
CVE-2017-4907 is a vulnerability of currently unknown severity. VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.. EPSS estimates a 3.76% chance of exploitation in the next 30 days.
Description
VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Horizon View | 6.0 |
| Vmware | Horizon View | 6.0.2 |
| Vmware | Horizon View | 6.1 |
| Vmware | Horizon View | 6.1.1 |
| Vmware | Horizon View | 6.2 |
| Vmware | Horizon View | 6.2.1 |
| Vmware | Horizon View | 6.2.2 |
| Vmware | Horizon View | 6.2.3 |
| Vmware | Horizon View | 6.2.4 |
| Vmware | Horizon View | 7.0 |
| Vmware | Unified Access Gateway | 2.5 |
| Vmware | Unified Access Gateway | 2.5.1 |
| Vmware | Unified Access Gateway | 2.7 |
| Vmware | Unified Access Gateway | 2.7.2 |
| Vmware | Unified Access Gateway | 2.8 |
References
- http://www.securityfocus.com/bid/97914Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/97914Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-4907?
How severe is CVE-2017-4907?
How do I fix CVE-2017-4907?
Are you affected by CVE-2017-4907?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST