Skip to main content

One Access

11 CVEs product

Monthly

CVE-2022-31665 HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE VMware Identity Manager One Access Identity Manager Connector
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2022-31664 HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

VMware Privilege Escalation Identity Manager One Access Access Connector +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-31663 MEDIUM PATCH This Month

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS VMware Identity Manager One Access Access Connector +1
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2022-31662 HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal VMware Identity Manager One Access Access Connector +1
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2022-31661 HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

VMware Privilege Escalation Identity Manager One Access Access Connector +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-31660 HIGH POC PATCH Act Now

VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

VMware Privilege Escalation Identity Manager One Access Access Connector +1
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-31659 HIGH PATCH This Week

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

RCE VMware SQLi Identity Manager One Access +2
NVD
CVSS 3.1
7.2
EPSS
2.4%
CVE-2022-31658 HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE VMware Identity Manager One Access Access Connector +1
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2022-31657 CRITICAL PATCH Act Now

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

VMware Open Redirect Identity Manager One Access Access Connector +1
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-31656 CRITICAL POC PATCH THREAT Act Now

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass VMware Identity Manager One Access Access Connector +1
NVD
CVSS 3.1
9.8
EPSS
19.0%
CVE-2020-4006 CRITICAL KEV THREAT Act Now

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection VMware Identity Manager Identity Manager Connector One Access +2
NVD
CVSS 3.1
9.1
EPSS
23.8%
EPSS 2% CVSS 7.2
HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE VMware Identity Manager +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

VMware Privilege Escalation Identity Manager +3
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS VMware Identity Manager +3
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal VMware Identity Manager +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

VMware Privilege Escalation Identity Manager +3
NVD
EPSS 1% CVSS 7.8
HIGH POC PATCH Act Now

VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

VMware Privilege Escalation Identity Manager +3
NVD GitHub
EPSS 2% CVSS 7.2
HIGH PATCH This Week

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

RCE VMware SQLi +4
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE VMware Identity Manager +3
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

VMware Open Redirect Identity Manager +3
NVD
EPSS 19% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass VMware Identity Manager +3
NVD
EPSS 24% CVSS 9.1
CRITICAL KEV THREAT Act Now

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection VMware Identity Manager +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy