{"api_version":"1","generated_at":"2026-05-04T20:25:59+00:00","cve":"CVE-2017-4932","urls":{"html":"https://cve.report/CVE-2017-4932","api":"https://cve.report/api/cve/CVE-2017-4932.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-4932","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-4932"},"summary":{"title":"CVE-2017-4932","description":"VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. Successful exploitation of this issue could result in an escalation of privilege.","state":"PUBLIC","assigner":"security@vmware.com","published_at":"2017-11-16 21:29:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html","name":"https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html","refsource":"CONFIRM","tags":["Patch","Vendor Advisory"],"title":"VMSA-2017-0016","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1039750","name":"1039750","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"VMware AirWatch Console Bugs Let Remote Authenticted Users Conduct Cross-Site Scripting and Log File Injection Attacks and Let Local Users Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/101771","name":"101771","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"VMware AirWatch Launcher for Android CVE-2017-4932 Privilege Escalation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-4932","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-4932","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"4932","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"4932","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"4932","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vmware","cpe5":"airwatch_launcher","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"4932","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vmware","cpe5":"airwatch_launcher","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@vmware.com","DATE_PUBLIC":"2017-11-08T00:00:00","ID":"CVE-2017-4932","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"VMware AirWatch Launcher for Android (AWL)","version":{"version_data":[{"version_value":"before 3.2.2"}]}}]},"vendor_name":"VMware"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. Successful exploitation of this issue could result in an escalation of privilege."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Privilege escalation"}]}]},"references":{"reference_data":[{"name":"1039750","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1039750"},{"name":"https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html","refsource":"CONFIRM","url":"https://www.vmware.com/us/security/advisories/VMSA-2017-0016.html"},{"name":"101771","refsource":"BID","url":"http://www.securityfocus.com/bid/101771"}]}},"nvd":{"publishedDate":"2017-11-16 21:29:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":4.6},"severity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:vmware:airwatch_launcher:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.2","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"4932","Ordinal":"101362","Title":"CVE-2017-4932","CVE":"CVE-2017-4932","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"4932","Ordinal":"1","NoteData":"VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. Successful exploitation of this issue could result in an escalation of privilege.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"4932","Ordinal":"2","NoteData":"2017-11-16","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"4932","Ordinal":"3","NoteData":"2017-11-17","Type":"Other","Title":"Modified"}]}}}