Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

One Access Security Vulnerabilities

cve
cve

CVE-2020-4006

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.

9.1CVSS

9.4AI Score

0.478EPSS

2020-11-23 10:15 PM
1088
In Wild
39
cve
cve

CVE-2022-31656

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

9.8CVSS

9.1AI Score

0.641EPSS

2022-08-05 04:15 PM
265
11
cve
cve

CVE-2022-31657

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.

9.8CVSS

9.2AI Score

0.002EPSS

2022-08-05 04:15 PM
57
3
cve
cve

CVE-2022-31658

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2CVSS

8.5AI Score

0.002EPSS

2022-08-05 04:15 PM
127
4
cve
cve

CVE-2022-31659

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2CVSS

8.5AI Score

0.002EPSS

2022-08-05 04:15 PM
134
4
cve
cve

CVE-2022-31660

VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS

8.6AI Score

0.001EPSS

2022-08-05 04:15 PM
61
4
cve
cve

CVE-2022-31661

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS

8.7AI Score

0.0004EPSS

2022-08-05 04:15 PM
88
4
cve
cve

CVE-2022-31662

VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.

7.5CVSS

8.4AI Score

0.001EPSS

2022-08-05 04:15 PM
53
3
cve
cve

CVE-2022-31663

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.

6.1CVSS

7.1AI Score

0.001EPSS

2022-08-05 04:15 PM
72
5
cve
cve

CVE-2022-31664

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS

8.7AI Score

0.0004EPSS

2022-08-05 04:15 PM
98
4
cve
cve

CVE-2022-31665

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2CVSS

8.5AI Score

0.002EPSS

2022-08-05 04:15 PM
119
4