Vmware Vrealize_suite_lifecycle_manager

21 CVEs affecting Vmware Vrealize_suite_lifecycle_manager. Latest disclosed: 2022-05-20. Critical: 4, High: 11.

Top CVEs affecting Vmware Vrealize_suite_lifecycle_manager
CVESeverityScorePublishedSummary
CVE-2022-22972Critical9.82022-05-20VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious…
CVE-2022-22954Critical9.82022-04-11VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with ne…
CVE-2021-22002Critical9.82021-08-31VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom hos…
CVE-2020-4006Critical9.12020-11-23VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
CVE-2022-22973High7.82022-05-20VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to '…
CVE-2022-22960High7.82022-04-13VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scrip…
CVE-2021-22003High7.52021-08-31VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 ma…
CVE-2021-22027High7.52021-08-30The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network…
CVE-2021-22026High7.52021-08-30The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network…
CVE-2021-22025High7.52021-08-30The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated…
CVE-2021-22024High7.52021-08-30The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network acces…
CVE-2021-21975High7.52021-03-31Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Op…
CVE-2022-22958High7.22022-04-13VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A ma…
CVE-2022-22957High7.22022-04-13VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A ma…
CVE-2021-22023High7.22021-08-30The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Op…
CVE-2021-21983Medium6.52021-03-31Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network acc…
CVE-2022-22961Medium5.32022-04-13VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A ma…
CVE-2021-22022Medium4.92021-08-30The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize…
CVE-2022-22959Medium4.32022-04-13VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user th…
CVE-2021-22035Medium4.32021-10-13VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authe…