Lucene search
K

225 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2022/04/15 12:0 a.m.29 views

VMware Multiple Products Privilege Escalation Vulnerability

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts...

7.8CVSS3.4AI score0.37171EPSS
In wildExploits8
NVD
NVD
added 2022/04/13 6:15 p.m.21 views

CVE-2022-22958

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

7.2CVSS0.02952EPSS
Exploits5References1
ATTACKERKB
ATTACKERKB
added 2022/04/13 6:15 p.m.8 views

CVE-2022-22958

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

7.2CVSS8AI score0.23084EPSS
Exploits5References2
OSV
OSV
added 2022/04/13 6:15 p.m.5 views

CVE-2022-22960

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'...

7.8CVSS5.5AI score0.37171EPSS
Exploits8References5
OSV
OSV
added 2022/04/13 6:15 p.m.4 views

CVE-2022-22958

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

7.2CVSS6.6AI score0.23084EPSS
Exploits5References1
OSV
OSV
added 2022/04/13 6:15 p.m.5 views

CVE-2022-22959

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI...

4.3CVSS5AI score0.00497EPSS
Exploits1References1
NVD
NVD
added 2022/04/13 6:15 p.m.22 views

CVE-2022-22959

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI...

4.3CVSS0.00497EPSS
Exploits1References1
OSV
OSV
added 2022/04/13 6:15 p.m.4 views

CVE-2022-22961

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting...

5.3CVSS5.6AI score0.00813EPSS
Exploits1References1
OSV
OSV
added 2022/04/13 6:15 p.m.4 views

CVE-2022-22957

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

7.2CVSS6.6AI score0.23084EPSS
Exploits5References3
ATTACKERKB
ATTACKERKB
added 2022/04/13 6:15 p.m.6 views

CVE-2022-22961

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting...

5.3CVSS7AI score0.00813EPSS
Exploits1References2
Prion
Prion
added 2022/04/13 6:15 p.m.23 views

Deserialization of untrusted data

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

6.5CVSS7.6AI score0.23084EPSS
Exploits5References1Affected Software5
Prion
Prion
added 2022/04/13 6:15 p.m.14 views

Cross site request forgery (csrf)

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI...

4.3CVSS4.8AI score0.00497EPSS
Exploits1References1Affected Software5
Prion
Prion
added 2022/04/13 6:15 p.m.17 views

Information disclosure

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting...

5CVSS5.3AI score0.00813EPSS
Exploits1References1Affected Software5
Cvelist
Cvelist
added 2022/04/13 5:5 p.m.40 views

CVE-2022-22958

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

8.4AI score0.23084EPSS
Exploits5References1
CVE
CVE
added 2022/04/13 5:5 p.m.129 views

CVE-2022-22958

CVE-2022-22958 is part of a pair of remote code execution vulnerabilities affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation. Public details in the connected docs confirm two RCE vulnerabilities (CVE-2022-22957 and CVE-2022-22958) that can be triggered by an attacker ...

7.2CVSS8.6AI score0.23084EPSS
In wildExploits5References1Affected Software5
CVE
CVE
added 2022/04/13 5:5 p.m.169 views

CVE-2022-22961

CVE-2022-22961 affects VMware products including Workspace ONE Access, Identity Manager and vRealize Automation. The issue is an information-disclosure fault caused by returning excess data, enabling a remote attacker to leak the target’s hostname. The vulnerability is exploitable remotely and co...

5.3CVSS6.8AI score0.00813EPSS
Exploits1References1Affected Software5
Cvelist
Cvelist
added 2022/04/13 5:5 p.m.24 views

CVE-2022-22961

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting...

5.7AI score0.00813EPSS
Exploits1References1
CVE
CVE
added 2022/04/13 5:5 p.m.177 views

CVE-2022-22959

CVE-2022-22959 affects VMware Workspace ONE Access, VMware Identity Manager, and vRealize Automation. The vulnerability is a Cross-Site Request Forgery (CSRF) that can trick a logged-in user into unknowingly validating a malicious JDBC URI, as described in the VMSA-2022-0011 advisory. This mode s...

4.3CVSS6.5AI score0.00497EPSS
Exploits1References1Affected Software5
Cvelist
Cvelist
added 2022/04/13 5:5 p.m.22 views

CVE-2022-22959

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI...

5.2AI score0.00497EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/04/13 12:0 a.m.183 views

CVE-2022-22957

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

8.4AI score0.23084EPSS
Exploits5References3
Rows per page
Query Builder