CVE-2020-3977

VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may allow an attacker to bypass two-factor authentication process. In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.
References
Configurations

Configuration 1

cpe:2.3:a:vmware:horizon_daas:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:horizon_daas:*:*:*:*:*:*:*:*

Information

Published : 2020-09-22 02:15

Updated : 2020-09-30 05:20


NVD link : CVE-2020-3977

Mitre link : CVE-2020-3977

Products Affected
No products.
CWE