5.9
CVE-2020-3940
- EPSS 0.22%
- Veröffentlicht 17.01.2020 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:32:00
- Quelle security@vmware.com
- Teams Watchlist Login
- Unerledigt Login
VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ Workspace One Boxer SwPlatformandroid Version < 5.13.1
VMware ≫ Workspace One Content SwPlatformandroid Version < 3.21
VMware ≫ Workspace One Content SwPlatformiphone_os Version < 4.20
VMware ≫ Workspace One Intelligent Hub SwPlatformandroid Version < 19.11.1
VMware ≫ Workspace One Notebook SwPlatformandroid Version < 1.2.1
VMware ≫ Workspace One People SwPlatformandroid Version < 1.3.2
VMware ≫ Workspace One Piv-d Manager SwPlatformandroid Version < 1.4.2
VMware ≫ Workspace One Sdk SwPlatformxamarin Version < 1.4.1
VMware ≫ Workspace One Sdk SwPlatformapache_cordova Version < 1.5.1
VMware ≫ Workspace One Sdk SwPlatformandroid Version >= 19.8.0 < 19.11.1
VMware ≫ Workspace One Sdk (objective-c) SwEditioniphone_os Version >= 5.9.9.7 < 5.9.9.8
VMware ≫ Workspace One Web SwPlatformandroid Version < 7.10.8
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.417 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.