VMware

Identity Manager Connector

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2023-20884

  • EPSS 0.27%
  • Veröffentlicht 30.05.2023 16:15:09
  • Zuletzt bearbeitet 10.01.2025 19:15:31

VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitiv...

5.3

CVE-2022-31701

  • EPSS 0.21%
  • Veröffentlicht 14.12.2022 19:15:12
  • Zuletzt bearbeitet 22.04.2025 16:15:30

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

9.8

CVE-2022-31656

  • EPSS 82.74%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:03

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the...

9.8

CVE-2022-31657

  • EPSS 2.39%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:03

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.

7.2

CVE-2022-31658

  • EPSS 7.73%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:04

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2

CVE-2022-31659

  • EPSS 3.9%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:04

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.8

CVE-2022-31660

  • EPSS 11.15%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:04

VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

7.8

CVE-2022-31661

  • EPSS 0.17%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:04

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'.

7.5

CVE-2022-31662

  • EPSS 2.32%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:04

VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.

6.1

CVE-2022-31663

  • EPSS 1.49%
  • Veröffentlicht 05.08.2022 16:15:12
  • Zuletzt bearbeitet 21.11.2024 07:05:04

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript...