CVE-2014-8372
VMware AirWatch < 7.3.3.0 - Authenticated Exposure of Sensitive Information via Direct Object Reference
Title source: llmDescription
AirWatch by VMware On-Premise 7.3.x before 7.3.3.0 (FP3) allows remote authenticated users to obtain the organizational information and statistics from arbitrary tenants via vectors involving a direct object reference.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2014-0014.html
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/44
Scores
EPSS
0.0013
EPSS Percentile
31.3%
Details
CWE
CWE-200
Status
published
Products (2)
vmware/airwatch
7.3.0.0
vmware/airwatch
< 7.3.3.0
Published
Dec 11, 2014
Tracked Since
Feb 18, 2026