#VU801 Directory traversal in VMware Horizon - CVE-2016-7087

Cybersecurity Help s.r.o.

Published: 2016-10-07 | Updated: 2016-10-07

Vulnerability identifier: #VU801

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-7087

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
VMware Horizon
Server applications / Virtualization software

Vendor: VMware, Inc

Description
The vulnerability allows a remote unauthenticated user to view potentially sensitive information on the target system.
The weakness exists due to directory traversal flaw and lets attackers to obtain certain information from the Horizon View Connection Server.
Successful exploitation of the vulnerability results in disclosure of important data.

Mitigation
Update 5.x to version to 5.3.7.
Update 6.x to version to 6.2.3.
Update 7.x to version to 7.0.1.

Vulnerable software versions

VMware Horizon: 5.0 - 5.0.1, 5.1 - 5.1.3, 5.2, 5.3 - 5.3.6, 6.0 - 6.0.2, 6.1 - 6.1.1, 6.2 - 6.2.2, 7.0

External links
https://www.vmware.com/security/advisories/VMSA-2016-0015.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Directory traversal in VMware Horizon View