559 matches found
Vulnerability fixed in VMware Workspace ONE
VMware has fixed a vulnerability in Workspace ONE. The vulnerability allows a malicious party with access to /API/system/admins/session the ability to perform a Denial of Service execution. VMware categorizes this vulnerability according to the CVSSv3 method with a score of 5.8. VMware has releas...
Vmware Workspace One 安全漏洞
Vmware Vmware Workspace One is a platform for supporting cross-device applications for rapid delivery and management of applications from Vmware, USA. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoi...
VMware Workspace ONE UEM console patches address a denial of service vulnerability (CVE-2021-22029)
3. Advisory Details VMware Workspace ONE UEM REST API contains a denial of service vulnerability. VMware has evaluated this issue to be of 'Moderate' severity with a maximum CVSSv3 base score of 5.3...
The vulnerabilities of the VMware Identity Manager (vIDM), vRealize Automation, Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager software are related to insufficient validation of incoming requests. This allows attackers to execute SSRF attacks.
The vulnerabilities of VMware Identity Manager vIDM, vRealize Automation, Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager are related to insufficient validation of incoming requests. Exploiting these vulnerabilities allows a malicious actor to execute an SSRF attack b...
The vulnerability of the VMware Identity Manager (vIDM), Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager lies in the transmission of data through an unprotected primary channel, allowing attackers to circumvent existing security restrictions.
The vulnerability of the VMware Identity Manager vIDM, Workspace ONE Access, Cloud Foundation, and vRealize Suite Lifecycle Manager lies in the transmission of data through an unprotected primary channel. Exploiting this vulnerability allows a malicious actor to circumvent existing security...
VulnCheck KEV: CVE-2022-22972
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate...
VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2021-0016)
The VMware Workspace One Access formerly VMware Identity Manager application running on the remote host is affected by the following vulnerabilities: - A security bypass vulnerability exists in due to improper validation of host headers. An unauthenticated, remote attacker can exploit this, via a...
Vulnerabilities fixed in VMware Workspace One Access and Identity Manager
VMware has fixed vulnerabilities in Workspace One Access and Identity Manager, as used by VMware Cloud Foundation, Identity Manager, Workspace One Access and vRealize. A unauthenticated malicious party could potentially exploit them to gain access to sensitive system data. VMware has released...
Vmware Workspace One 信息泄露漏洞
Vmware Vmware Workspace One is a platform for supporting cross-device applications for rapid delivery and management of applications from Vmware, USA. The platform, which includes VMware Horizon and VMware Horizon Cloud, integrates access control, application management, and multi-platform endpoi...
VMSA-2021-0016:VMware Workspace ONE Access, Identity Manager and vRealize Automation address multiple vulnerabilities
Advisory ID: VMSA-2021-0016.2 CVSSv3 Range: 3.7-8.6 Issue Date:2021-08-05 Updated On: 2021-11-12 CVEs: CVE-2021-22002, CVE-2021-22003 Synopsis: VMware Workspace ONE Access, Identity Manager and vRealize Automation address multiple vulnerabilities CVE-2021-22002, CVE-2021-22003 RSS Feed Download P...
Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path
Exploit Title: Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 06-16-2021 Vendor Homepage: https://www.vmware.com/mx/products/workspace-one/intelligent-hub.html Software Links : https://getwsone.com/...
Workspace ONE Intelligent Hub 20.3.8.0 - (VMware Hub Health Monitoring Service) Unquoted Service Pat
Exploit Title: Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path Discovery by: Ismael Nava Vendor Homepage: https://www.vmware.com/mx/products/workspace-one/intelligent-hub.html Software Links : https://getwsone.com/ Tested Version: 20.3.8.0...
Vulnerability fixed in VMware Workspace ONE UEM
VMware has fixed a vulnerability in Workspace ONE UEM console. An unauthenticated remote malicious person can exploit the exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack could result in the execution of arbitrary script code in the browser used to visit the...
The vulnerability of VMware Workspace One’s software products stems from the lack of measures taken to protect the structure of the web page. This allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of VMware Workspace One’s software products exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...
CVE-2021-21990
VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...
CVE-2021-21990
VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...
Cross site scripting
VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...
CVE-2021-21990
VMware Workspace one UEM console 2102 prior to 21.2.0.8, 2101 prior to 21.1.0.14, 2011 prior to 20.11.0.27, 2010 prior to 20.10.0.16,2008 prior to 20.8.0.28, 2007 prior to 20.7.0.14,2006 prior to 20.6.0.19, 2005 prior to 20.5.0.46, 2004 prior to 20.4.0.21, 2003 prior to 20.3.0.23, 2001 prior to...
CVE-2021-21990
The CVE-2021-21990 entry describes a cross-site scripting (XSS) vulnerability in VMware Workspace ONE UEM Console. Affected versions (as listed in the CVE) include multiple 20.x/19.x lines (various build numbers) prior to the specified fixed releases. Root cause: the console does not validate inc...
VMware Workspace ONE UEM console patches address a cross-site scripting vulnerability (CVE-2021-21990)
3. Cross Site Scripting XSS vulnerability in VMware Workspace ONE UEM console CVE-2021-21990 VMware Workspace ONE UEM console does not validate an incoming request during device enrollment.VMware has evaluated the severity of this issue to be in the low severity range with a maximum CVSSv3 base...