The vulnerability of the VMware Workspace ONE Access application management platform, the VMware Cloud Foundation virtualization platform, the VMware vRealize Automation virtual infrastructure management tool, the vRealize Suite Lifecycle Manager application lifecycle management software, and the VMware Identity Manager (vIDM) administration console lies in insufficient checks on the HTTP request source. This allows attackers to carry out CSRF attacks.

The vulnerabilities of the application management platform VMware Workspace ONE Access, the virtualization platform VMware Cloud Foundation, the virtual infrastructure management tool VMware vRealize Automation, the application lifecycle management software vRealize Suite Lifecycle Manager, and t...