This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
An application installed on the remote Windows host is affected by an
information disclosure vulnerability.
The version of VMware Horizon View installed on the remote Windows
host is 5.x prior to 5.3.7, 6.x prior to 6.2.3, or 7.x prior to 7.0.1.
It is, therefore, affected by an information disclosure vulnerability
in the loadConfig() function within the loggerBean service due to
improper sanitization of user-supplied input. An unauthenticated,
remote attacker can exploit this, via a specially crafted request, to
perform a directory traversal and thereby disclose the contents of
See also :
Upgrade to VMware Horizon View version 5.3.7 / 6.2.3 / 7.0.1 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true