CVE-2021-22002

VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in...

VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2021-0016)

The VMware Workspace One Access formerly VMware Identity Manager application running on the remote host is affected by the following vulnerabilities: - A security bypass vulnerability exists in due to improper validation of host headers. An unauthenticated, remote attacker can exploit this, via a...

VMware Issues Patches to Fix Critical Bugs Affecting Multiple Products

VMware has released security updates for multiple products to address a critical vulnerability that could be exploited to gain access to confidential information. Tracked as CVE-2021-22002 CVSS score: 8.6 and CVE-2021-22003 CVSS score: 3.7, the flaws affect VMware Workspace One Access Access,...

VMSA-2021-0016:VMware Workspace ONE Access, Identity Manager and vRealize Automation address multiple vulnerabilities

Advisory ID: VMSA-2021-0016.2 CVSSv3 Range: 3.7-8.6 Issue Date:2021-08-05 Updated On: 2021-11-12 CVEs: CVE-2021-22002, CVE-2021-22003 Synopsis: VMware Workspace ONE Access, Identity Manager and vRealize Automation address multiple vulnerabilities CVE-2021-22002, CVE-2021-22003 RSS Feed Download P...