Identity Manager Connector@3.3.6 Security Vulnerabilities and Issues — Identity Manager Connector@3.3.6 CVE List

Lucene search

VmwareIdentity Manager Connector3.3.6

11 matches found

CVE•added 2022/08/05 4:15 p.m.•381 views

CVE-2022-31656

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

9.8CVSS9.1AI score0.8036EPSS

CVE•added 2022/08/05 4:15 p.m.•165 views

CVE-2022-31659

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2CVSS8.5AI score0.05288EPSS

CVE•added 2022/08/05 4:15 p.m.•157 views

CVE-2022-31658

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

7.2CVSS8.5AI score0.10136EPSS

CVE•added 2022/08/05 4:15 p.m.•144 views

CVE-2022-31665

7.2CVSS8.5AI score0.07727EPSS

CVE•added 2022/08/05 4:15 p.m.•126 views

CVE-2022-31664

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS8.7AI score0.002EPSS

CVE•added 2022/08/05 4:15 p.m.•116 views

CVE-2022-31661

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS8.7AI score0.00146EPSS

CVE•added 2022/08/05 4:15 p.m.•98 views

CVE-2022-31660

VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.

7.8CVSS8.6AI score0.08196EPSS

CVE•added 2022/08/05 4:15 p.m.•94 views

CVE-2022-31663

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.

6.1CVSS7.1AI score0.01281EPSS

CVE•added 2022/08/05 4:15 p.m.•84 views

CVE-2022-31657

VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.

9.8CVSS9.2AI score0.02068EPSS

CVE•added 2022/08/05 4:15 p.m.•77 views

CVE-2022-31662

VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.

7.5CVSS8.4AI score0.02008EPSS

CVE•added 2022/12/14 7:15 p.m.•68 views

CVE-2022-31701

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

5.3CVSS6AI score0.0018EPSS