Lucene search
K

168 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:20 p.m.11 views

CVE-2020-3940

VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability...

5.9CVSS6.5AI score0.00802EPSS
Exploits0
NVD
NVD
added 2024/06/27 9:15 p.m.22 views

CVE-2024-22260

VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information exposure...

6.8CVSS0.00363EPSS
Exploits0References1
CVE
CVE
added 2024/06/27 8:18 p.m.82 views

CVE-2024-22260

The CVE-2024-22260 entry relates to VMware Workspace ONE UEM where a network-accessible flaw could expose information. Affected product: VMware Workspace ONE UEM. Root cause/impact: information exposure with high confidentiality and integrity impact per CVSS 3.1 metrics (AV:N, AC:H, PR:N, UI:R; C...

6.8CVSS6.7AI score0.00363EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/05/30 2:24 p.m.41 views

RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now...

10CVSS10AI score0.99999EPSS
Exploits455
OSV
OSV
added 2023/10/31 9:15 p.m.9 views

CVE-2023-20886

VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user...

6.1CVSS5.8AI score0.00398EPSS
Exploits0References1
Prion
Prion
added 2023/10/31 9:15 p.m.17 views

Open redirect

VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user...

5.8CVSS6.1AI score0.00398EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.6 views

VMware Workspace ONE Input Validation Error Vulnerability

VMware Vmware Workspace One is a platform from VMware that supports cross-device applications for rapid delivery and management of applications. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoint...

8.8CVSS6.8AI score0.00398EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/06/07 12:0 a.m.7 views

The vulnerability of the VMware Workspace One Access application management platform, related to the administration console of VMware Identity Manager (vIDM), involves redirecting URLs to an unreliable website. This allows a malicious user to redirect users to any arbitrary URL address.

The vulnerability of the VMware Workspace One Access application management platform, as well as the VMware Identity Manager administration consoles, is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow a malicious actor to redirect...

6.4CVSS6.4AI score0.00348EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/30 3:5 p.m.9 views

CVE-2023-20884

VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure...

6.1CVSS6.4AI score0.00348EPSS
Exploits0References1
Metasploit
Metasploit
added 2023/04/19 7:43 p.m.226 views

VMware Workspace ONE Access CVE-2022-22960

This module exploits CVE-2022-22960 which allows the user to overwrite the permissions of the certproxyService.sh script so that it can be modified by the horizon user. This allows a local attacker with the uid 1001 to escalate their privileges to root access. Module Options msf use...

7.8CVSS8.6AI score0.37171EPSS
Exploits8
Packet Storm
Packet Storm
added 2023/04/19 12:0 a.m.326 views

VMware Workspace ONE Access Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Workspace ONE Access CVE-2022-22960', 'Description' = %q This module exploits CVE-2022-22960 which allows the user to overwrite the...

7.8CVSS8.7AI score0.37171EPSS
Exploits8
0day.today
0day.today
added 2023/04/19 12:0 a.m.306 views

VMware Workspace ONE Access Privilege Escalation Exploit

This Metasploit module exploits CVE-2022-22960 which allows the user to overwrite the permissions of the certproxyService.sh script so that it can be modified by the horizon user. This allows a local attacker with the uid 1001 to escalate their privileges to root access. This module requires...

7.8CVSS8.5AI score0.37171EPSS
Exploits8
0day.today
0day.today
added 2023/04/18 12:0 a.m.409 views

VMware Workspace ONE Remote Code Execution Exploit

This Metasploit module combines two vulnerabilities in order achieve remote code execution in the context of the horizon user. The first vulnerability, CVE-2022-22956, is an authentication bypass in OAuth2TokenResourceController ACS which allows a remote, unauthenticated attacker to bypass the...

9.8CVSS9.5AI score0.50694EPSS
Exploits13
Prion
Prion
added 2023/02/28 5:15 p.m.20 views

Design/Logic Flaw

VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode...

4.6CVSS6.5AI score0.00919EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/28 12:0 a.m.12 views

CVE-2023-20857

VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode...

6.7AI score0.00919EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/02/28 12:0 a.m.4 views

VMware Workspace ONE Content 访问控制错误漏洞

VMware Vmware Workspace One is a platform from VMware that supports cross-device applications for rapid delivery and management of applications. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoint...

6.8CVSS6.6AI score0.00919EPSS
Exploits0References4
CVE
CVE
added 2023/02/28 12:0 a.m.137 views

CVE-2023-20857

CVE-2023-20857 relates to a passcode bypass vulnerability in VMware Workspace ONE Content. Connected sources confirm the issue affects the Workspace ONE Content component and could allow bypassing the device passcode when the attacker has access to a rooted device. The primary public advisories d...

6.8CVSS6.4AI score0.00919EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.5 views

VMware Workspace ONE Access 和 Identity Manage 安全漏洞

VMware Workspace One Access and VMware Identity Manager are both products of VMware, Inc.VMware Workspace One Access is a centralized management console that enables you to manage users and groups, set and manage authentication and access policies, and add resources to a directory and manage...

7.2CVSS7.3AI score0.01082EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/12/14 12:0 a.m.4 views

VMware Workspace One Access和VMware Identity Manager 访问控制错误漏洞

VMware Workspace One Access and VMware Identity Manager are both products of VMware, Inc.VMware Workspace One Access is a centralized management console that enables you to manage users and groups, set and manage authentication and access policies, and add resources to a directory and manage...

5.3CVSS5.8AI score0.00501EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/14 12:0 a.m.7 views

CVE-2022-31701

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3...

7.4AI score0.00501EPSS
Exploits0References1
Rows per page
Query Builder