Lucene search
K

559 matches found

NCSC
NCSC
added 2021/08/20 12:0 a.m.7 views

Vulnerability fixed in VMware Workspace ONE

VMware has fixed a vulnerability in Workspace ONE. The vulnerability allows a malicious party with access to /API/system/admins/session the ability to perform a Denial of Service execution. VMware categorizes this vulnerability according to the CVSSv3 method with a score of 5.8. VMware has releas...

7.5CVSS6.6AI score0.00961EPSS
Exploits0
CNNVD
CNNVD
added 2021/08/19 12:0 a.m.6 views

Vmware Workspace One 安全漏洞

Vmware Vmware Workspace One is a platform for supporting cross-device applications for rapid delivery and management of applications from Vmware, USA. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoi...

7.5CVSS7.6AI score0.00961EPSS
Exploits0References3
VMware
VMware
added 2021/08/19 12:0 a.m.53 views

VMware Workspace ONE UEM console patches address a denial of service vulnerability (CVE-2021-22029)

3. Advisory Details VMware Workspace ONE UEM REST API contains a denial of service vulnerability. VMware has evaluated this issue to be of 'Moderate' severity with a maximum CVSSv3 base score of 5.3...

5CVSS7.5AI score0.00961EPSS
Exploits0References14Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/08/12 12:0 a.m.4 views

The vulnerabilities of the VMware Identity Manager (vIDM), vRealize Automation, Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager software are related to insufficient validation of incoming requests. This allows attackers to execute SSRF attacks.

The vulnerabilities of VMware Identity Manager vIDM, vRealize Automation, Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager are related to insufficient validation of incoming requests. Exploiting these vulnerabilities allows a malicious actor to execute an SSRF attack b...

9CVSS8.1AI score0.01207EPSS
Exploits0References4Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/08/12 12:0 a.m.6 views

The vulnerability of the VMware Identity Manager (vIDM), Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager lies in the transmission of data through an unprotected primary channel, allowing attackers to circumvent existing security restrictions.

The vulnerability of the VMware Identity Manager vIDM, Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager lies in the transmission of data through an unprotected primary channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security...

3.7CVSS7.4AI score0.00994EPSS
Exploits0References4Affected Software4
VulnCheck KEV
VulnCheck KEV
added 2021/08/12 12:0 a.m.13 views

VulnCheck KEV: CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...

9.8CVSS7.4AI score0.52813EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2021/08/12 12:0 a.m.78 views

VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2021-0016)

The VMware Workspace One Access formerly VMware Identity Manager application running on the remote host is affected by the following vulnerabilities: - A security bypass vulnerability exists in due to improper validation of host headers. An unauthenticated, remote attacker can exploit this, via a...

9.8CVSS8.1AI score0.01207EPSS
Exploits0References4
NCSC
NCSC
added 2021/08/06 12:0 a.m.4 views

Vulnerabilities fixed in VMware Workspace One Access and Identity Manager

VMware has fixed vulnerabilities in Workspace One Access and Identity Manager, as used by VMware Cloud Foundation, Identity Manager, Workspace One Access and vRealize. A unauthenticated malicious party could potentially exploit them to gain access to sensitive system data. VMware has released...

9.8CVSS7.1AI score0.01207EPSS
Exploits0
CNNVD
CNNVD
added 2021/08/05 12:0 a.m.5 views

Vmware Workspace One 信息泄露漏洞

Vmware Vmware Workspace One is a platform for supporting cross-device applications for rapid delivery and management of applications from Vmware, USA. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoi...

7.5CVSS7.5AI score0.00994EPSS
Exploits0References4
VMware
VMware
added 2021/08/03 12:0 a.m.99 views

VMSA-2021-0016:VMware Workspace ONE Access, Identity Manager and vRealize Automation address multiple vulnerabilities

Advisory ID: VMSA-2021-0016.2 CVSSv3 Range: 3.7-8.6 Issue Date:2021-08-05 Updated On: 2021-11-12 CVEs: CVE-2021-22002, CVE-2021-22003 Synopsis: VMware Workspace ONE Access, Identity Manager and vRealize Automation address multiple vulnerabilities CVE-2021-22002, CVE-2021-22003 RSS Feed Download P...

9.8CVSS9AI score0.01207EPSS
Exploits0References28Affected Software5
Exploit DB
Exploit DB
added 2021/06/17 12:0 a.m.550 views

Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path

Exploit Title: Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 06-16-2021 Vendor Homepage: https://www.vmware.com/mx/products/workspace-one/intelligent-hub.html Software Links : https://getwsone.com/...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/06/17 12:0 a.m.84 views

Workspace ONE Intelligent Hub 20.3.8.0 - (VMware Hub Health Monitoring Service) Unquoted Service Pat

Exploit Title: Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path Discovery by: Ismael Nava Vendor Homepage: https://www.vmware.com/mx/products/workspace-one/intelligent-hub.html Software Links : https://getwsone.com/ Tested Version: 20.3.8.0...

0.4AI score
Exploits0
NCSC
NCSC
added 2021/06/16 12:0 a.m.4 views

Vulnerability fixed in VMware Workspace ONE UEM

VMware has fixed a vulnerability in Workspace ONE UEM console. An unauthenticated remote malicious person can exploit the exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack could result in the execution of arbitrary script code in the browser used to visit the...

6.1CVSS6.8AI score0.00796EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2021/06/10 12:0 a.m.7 views

The vulnerability of VMware Workspace One’s software products stems from the lack of measures taken to protect the structure of the web page. This allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of VMware Workspace One’s software products exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...

6.1CVSS6.3AI score0.00796EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2021/05/11 2:15 p.m.20 views

CVE-2021-21990

VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...

6.1CVSS0.00796EPSS
Exploits1References2
OSV
OSV
added 2021/05/11 2:15 p.m.5 views

CVE-2021-21990

VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...

6.1CVSS6.3AI score0.00796EPSS
Exploits1References2
Prion
Prion
added 2021/05/11 2:15 p.m.14 views

Cross site scripting

VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...

4.3CVSS5.9AI score0.00796EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/11 1:29 p.m.30 views

CVE-2021-21990

VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...

6.2AI score0.00796EPSS
Exploits1References2
CVE
CVE
added 2021/05/11 1:29 p.m.64 views

CVE-2021-21990

The CVE-2021-21990 entry describes a cross-site scripting (XSS) vulnerability in VMware Workspace ONE UEM Console. Affected versions (as listed in the CVE) include multiple 20.x/19.x lines (various build numbers) prior to the specified fixed releases. Root cause: the console does not validate inc...

6.1CVSS5.9AI score0.00796EPSS
Exploits1References2Affected Software1
VMware
VMware
added 2021/05/11 12:0 a.m.34 views

VMware Workspace ONE UEM console patches address a cross-site scripting vulnerability (CVE-2021-21990)

3. Cross Site Scripting XSS vulnerability in VMware Workspace ONE UEM console CVE-2021-21990 VMware Workspace ONE UEM console does not validate an incoming request during device enrollment.VMware has evaluated the severity of this issue to be in the low severity range with a maximum CVSSv3 base...

4.3CVSS6.1AI score0.00796EPSS
Exploits1References19Affected Software1
Rows per page
Query Builder