Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2020-12811 – FortiManager and FortiAnalyzer cross-site scripting
September 22, 2020
Rewterz
Rewterz Threat Advisory – Security Updates for Mozilla Firefox
September 23, 2020

Rewterz Threat Advisory – CVE-2020-3977 – VMware Horizon DaaS broken authentication vulnerability

Severity

Medium

Analysis Summary

Horizon DaaS contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may allow an attacker to bypass two-factor authentication process. In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS.

Impact

bypass two-factor authentication

Affected Vendors

VMware

Affected Products

VMware Horizon DaaS (Horizon DaaS)

Remediation

Refer to VMware advisory for the complete list of affected products and respective patches.

https://www.vmware.com/security/advisories/VMSA-2020-0021.html