VMware Horizon View Directory Traversal File Disclosure (VMSA-2016-0015)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

An application installed on the remote Windows host is affected by an
information disclosure vulnerability.

Description :

The version of VMware Horizon View installed on the remote Windows
host is 5.x prior to 5.3.7, 6.x prior to 6.2.3, or 7.x prior to 7.0.1.
It is, therefore, affected by an information disclosure vulnerability
in the loadConfig() function within the loggerBean service due to
improper sanitization of user-supplied input. An unauthenticated,
remote attacker can exploit this, via a specially crafted request, to
perform a directory traversal and thereby disclose the contents of
arbitrary files.

See also :

http://www.vmware.com/security/advisories/VMSA-2016-0015.html

Solution :

Upgrade to VMware Horizon View version 5.3.7 / 6.2.3 / 7.0.1 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 94053

Bugtraq ID: 93455

CVE ID: CVE-2016-7087
