{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-06T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-29T09:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "93455", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93455"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0015.html"}, {"name": "1036972", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036972"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7087", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "93455", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93455"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2016-0015.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2016-0015.html"}, {"name": "1036972", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036972"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:50:47.431Z"}, "title": "CVE Program Container", "references": [{"name": "93455", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93455"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0015.html"}, {"name": "1036972", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1036972"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-7087", "datePublished": "2016-12-29T09:02:00.000Z", "dateReserved": "2016-08-23T00:00:00.000Z", "dateUpdated": "2024-08-06T01:50:47.431Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:horizon_view:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "12D55241-0653-4BC0-9D67-69ABC47EBCFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B4C10410-728B-44CE-AA13-5DE365EA3867", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5574F263-A23A-43B4-9083-B2B6DD4D20C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C3B66F7C-09CD-43E4-B85D-418CF8241E88", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "032E4EBE-5FFB-4EE7-BD79-E4EFC1631446", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "3A410FB1-41B2-40DE-A7F0-167F096D8FEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "370FCB86-72ED-47AB-A414-A12E6C970BE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "67EA006A-76A5-489E-BD3E-FAFC00AB63C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "75798329-EAC2-4B6F-A943-9EB6F01B5145", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0DEE3EA-30C8-4653-96B3-17D9F66AFDA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "A4C7C278-5A1D-41A3-AEFB-10AA859DEF15", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:horizon_view:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA685CC7-AD8E-4EB6-A6B7-46F126BDE92E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en el Connection Server en VMware Horizon View 5.x en versiones anteriores a 5.3.7, 6.x en versiones anteriores a 6.2.3 y 7.x en versiones anteriores a 7.0.1 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."}], "id": "CVE-2016-7087", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-12-29T09:59:00.507", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93455"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1036972"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0015.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93455"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1036972"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2016-0015.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}