Lucene search
GoogleOSV:CVE-2021-22002HistoryAug 31, 2021 - 10:15 p.m.
CVE-2021-22002
2021-08-3122:15:08
Google
osv.dev
2
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux | eq | 2.6.29-rc8 | |
| linux | eq | 3.3-rc7 | |
| linux | eq | 2.6.22-rc4 | |
| linux | eq | 2.6.29-rc5 | |
| linux | eq | 2.6.18-rc3 | |
| linux | eq | 2.6.39 | |
| linux | eq | 2.6.22-rc2 | |
| linux | eq | 2.6.33-rc2 | |
| linux | eq | 2.6.35-rc6 | |
| linux | eq | 3.10-rc2 |
Related
nvd
nvd
CVE-2021-22002
2021-08-31 22:15:08
cvelist
cvelist
CVE-2021-22002
2021-08-31 21:02:21
prion
prion
Authentication flaw
2021-08-31 22:15:00
cve
cve
CVE-2021-22002
2021-08-31 22:15:08
vmware
vmware
thn
thn
VMware Issues Patches to Fix Critical Bugs Affecting Multiple Products
2021-08-06 07:12:00
nessus
nessus