Vmware Identity_manager

28 CVEs affecting Vmware Identity_manager. Latest disclosed: 2023-05-30. Critical: 8, High: 15.

Top CVEs affecting Vmware Identity_manager
CVESeverityScorePublishedSummary
CVE-2022-31657Critical9.82022-08-05VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authen…
CVE-2022-31656Critical9.82022-08-05VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious…
CVE-2022-22972Critical9.82022-05-20VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious…
CVE-2022-22956Critical9.82022-04-13VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may…
CVE-2022-22955Critical9.82022-04-13VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may…
CVE-2022-22954Critical9.82022-04-11VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with ne…
CVE-2021-22002Critical9.82021-08-31VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom hos…
CVE-2020-4006Critical9.12020-11-23VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
CVE-2022-31664High7.82022-08-05VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can esc…
CVE-2022-31661High7.82022-08-05VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can…
CVE-2022-31660High7.82022-08-05VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can es…
CVE-2022-22973High7.82022-05-20VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to '…
CVE-2022-22960High7.82022-04-13VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scrip…
CVE-2016-5335High7.82016-08-31VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors.
CVE-2022-31662High7.52022-08-05VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access…
CVE-2021-22056High7.52021-12-20VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with netw…
CVE-2021-22003High7.52021-08-31VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 ma…
CVE-2022-31700High7.22022-12-14VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue…
CVE-2022-31665High7.22022-08-05VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and n…
CVE-2022-31659High7.22022-08-05VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can tri…