cnvd - cnvd-2018-11450

CNVD-2018-11450

Vulnerability from cnvd - Published: 2018-06-14

Title

VMware AirWatch Agent远程代码执行漏洞

Description

VMWare Airwatch Agent for Android是美国威睿（VMware）公司的一套基于Android平台的设备管理解决方案。该方案支持监控、管理整个智能手机群。VMWare Airwatch Agent for Windows Mobile是基于Windows Mobile平台的版本。基于Android平台的VMware AirWatch Agent 8.2之前版本和基于Windows Mobile平台的AirWatch Agent 6.5.2之前版本中的real time File Manager功能存在远程代码执行漏洞。远程攻击者可利用该漏洞在Agent沙盒和其他公共可访问目录中未授权创建并执行文件。

Severity

高

Patch Name

VMware AirWatch Agent远程代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://www.vmware.com/security/advisories/VMSA-2018-0015.html

Reference

https://www.vmware.com/security/advisories/VMSA-2018-0015.html

Impacted products

Name
['VMware AirWatch Agent for Windows Mobile <6.5.2', 'VMware AirWatch Agent for Android <8.2']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-6968"
    }
  },
  "description": "VMWare Airwatch Agent for Android\u662f\u7f8e\u56fd\u5a01\u777f\uff08VMware\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eAndroid\u5e73\u53f0\u7684\u8bbe\u5907\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u652f\u6301\u76d1\u63a7\u3001\u7ba1\u7406\u6574\u4e2a\u667a\u80fd\u624b\u673a\u7fa4\u3002VMWare Airwatch Agent for Windows Mobile\u662f\u57fa\u4e8eWindows Mobile\u5e73\u53f0\u7684\u7248\u672c\u3002\r\n\r\n\u57fa\u4e8eAndroid\u5e73\u53f0\u7684VMware AirWatch Agent 8.2\u4e4b\u524d\u7248\u672c\u548c\u57fa\u4e8eWindows Mobile\u5e73\u53f0\u7684AirWatch Agent 6.5.2\u4e4b\u524d\u7248\u672c\u4e2d\u7684real time File Manager\u529f\u80fd\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728Agent\u6c99\u76d2\u548c\u5176\u4ed6\u516c\u5171\u53ef\u8bbf\u95ee\u76ee\u5f55\u4e2d\u672a\u6388\u6743\u521b\u5efa\u5e76\u6267\u884c\u6587\u4ef6\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.vmware.com/security/advisories/VMSA-2018-0015.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-11450",
  "openTime": "2018-06-14",
  "patchDescription": "VMWare Airwatch Agent for Android\u662f\u7f8e\u56fd\u5a01\u777f\uff08VMware\uff09\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eAndroid\u5e73\u53f0\u7684\u8bbe\u5907\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u652f\u6301\u76d1\u63a7\u3001\u7ba1\u7406\u6574\u4e2a\u667a\u80fd\u624b\u673a\u7fa4\u3002VMWare Airwatch Agent for Windows Mobile\u662f\u57fa\u4e8eWindows Mobile\u5e73\u53f0\u7684\u7248\u672c\u3002\r\n\r\n\u57fa\u4e8eAndroid\u5e73\u53f0\u7684VMware AirWatch Agent 8.2\u4e4b\u524d\u7248\u672c\u548c\u57fa\u4e8eWindows Mobile\u5e73\u53f0\u7684AirWatch Agent 6.5.2\u4e4b\u524d\u7248\u672c\u4e2d\u7684real time File Manager\u529f\u80fd\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728Agent\u6c99\u76d2\u548c\u5176\u4ed6\u516c\u5171\u53ef\u8bbf\u95ee\u76ee\u5f55\u4e2d\u672a\u6388\u6743\u521b\u5efa\u5e76\u6267\u884c\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "VMware AirWatch Agent\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "VMware AirWatch Agent for Windows Mobile \u003c6.5.2",
      "VMware AirWatch Agent for Android \u003c8.2"
    ]
  },
  "referenceLink": "https://www.vmware.com/security/advisories/VMSA-2018-0015.html",
  "serverity": "\u9ad8",
  "submitTime": "2018-06-12",
  "title": "VMware AirWatch Agent\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2018-6968 (GCVE-0-2018-6968)

Vulnerability from cvelistv5 – Published: 2018-06-11 22:00 – Updated: 2024-09-16 20:58

Summary

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.

Severity ?

No CVSS data available.

CWE

Remote Code Execution

Assigner

vmware

References

URL

Tags

	http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/104441	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1041060	vdb-entryx_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	VMware	AirWatch Agent	Affected: AirWatch Agent for Android prior to 8.2 Affected: AirWatch Agent for Windows Mobile prior to 6.5.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:17:17.493Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
          },
          {
            "name": "104441",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104441"
          },
          {
            "name": "1041060",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041060"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AirWatch Agent",
          "vendor": "VMware",
          "versions": [
            {
              "status": "affected",
              "version": "AirWatch Agent for Android prior to 8.2"
            },
            {
              "status": "affected",
              "version": "AirWatch Agent for Windows Mobile prior to 6.5.2"
            }
          ]
        }
      ],
      "datePublic": "2018-06-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-14T09:57:01",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
        },
        {
          "name": "104441",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104441"
        },
        {
          "name": "1041060",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041060"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@vmware.com",
          "DATE_PUBLIC": "2018-06-11T00:00:00",
          "ID": "CVE-2018-6968",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AirWatch Agent",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "AirWatch Agent for Android prior to 8.2"
                          },
                          {
                            "version_value": "AirWatch Agent for Windows Mobile prior to 6.5.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "VMware"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2018-0015.html"
            },
            {
              "name": "104441",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104441"
            },
            {
              "name": "1041060",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041060"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2018-6968",
    "datePublished": "2018-06-11T22:00:00Z",
    "dateReserved": "2018-02-14T00:00:00",
    "dateUpdated": "2024-09-16T20:58:09.872Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-11450

CVE-2018-6968 (GCVE-0-2018-6968)

Tags

Sightings

Nomenclature