Filtered by vendor Vmware
Subscriptions
Filtered by product Horizon Daas
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-3977 | 1 Vmware | 1 Horizon Daas | 2024-11-21 | 6.5 Medium |
| VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may allow an attacker to bypass two-factor authentication process. In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS. | ||||
| CVE-2019-5544 | 4 Fedoraproject, Openslp, Redhat and 1 more | 17 Fedora, Openslp, Enterprise Linux and 14 more | 2024-11-21 | 9.8 Critical |
| OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. | ||||
| CVE-2018-6960 | 1 Vmware | 1 Horizon Daas | 2024-11-21 | N/A |
| VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS. | ||||
| CVE-2017-4897 | 1 Vmware | 1 Horizon Daas | 2024-11-21 | N/A |
| VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitation of this vulnerability requires a victim to download a specially crafted RDP file through DaaS client by clicking on a malicious link. | ||||
Page 1 of 1.