Security Advisory

CVE-2020-3977

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-22 13:45:14

Last updated 2024-08-04 07:52:20

Assigner vmware

State PUBLISHED

Description

VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may allow an attacker to bypass two-factor authentication process. In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

← Browse all CVEs View on cve.org ↗