CVE-2017-4896

3 documents3 sources

Severity

3.8LOW

EPSS

0.0%

top 85.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Airwatch Console Vmware Airwatch Inbox

Timeline

PublishedMay 10

Latest updateMay 13

Description

Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. Successful exploitation of this issue may result in an unauthorized disclosure of confidential data.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:NExploitability: 2.0 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5vmware/airwatch_inboxx.x

▶CVEListV5vmware/airwatch_consolex.x

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-xhwg-m6mj-g53r: Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application↗2022-05-13

▶

CVEList

CVE-2017-4896: Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application↗2017-05-10

▶