Access Connector Security Vulnerabilities and Issues — Access Connector CVE List

Lucene search

VmwareAccess Connector

9 matches found

CVE•added 2022/08/05 4:15 p.m.•403 views

CVE-2022-31656

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

9.8CVSS9.1AI score0.82739EPSS

In wildWeb

CVE•added 2022/08/05 4:15 p.m.•166 views

CVE-2022-31659

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2CVSS8.5AI score0.03351EPSS

CVE•added 2022/08/05 4:15 p.m.•158 views

CVE-2022-31658

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2CVSS8.5AI score0.07727EPSS

CVE•added 2022/08/05 4:15 p.m.•127 views

CVE-2022-31664

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS8.7AI score0.00232EPSS

CVE•added 2022/08/05 4:15 p.m.•117 views

CVE-2022-31661

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS8.7AI score0.0017EPSS

CVE•added 2022/08/05 4:15 p.m.•99 views

CVE-2022-31660

VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS8.6AI score0.11152EPSS

CVE•added 2022/08/05 4:15 p.m.•95 views

CVE-2022-31663

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.

6.1CVSS7.1AI score0.01485EPSS

CVE•added 2022/08/05 4:15 p.m.•85 views

CVE-2022-31657

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.

9.8CVSS9.2AI score0.02393EPSS

CVE•added 2022/08/05 4:15 p.m.•78 views

CVE-2022-31662

VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.

7.5CVSS8.4AI score0.02323EPSS