) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:vmware:identity_manager_connector:3.3.4:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-20884 |
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure. Published: May 30, 2023; 12:15:09 PM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
| CVE-2022-31665 |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
| CVE-2022-31664 |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-31663 |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 6.1 MEDIUM V2.0:(not available) |
| CVE-2022-31662 |
VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-31661 |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-31660 |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-31659 |
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
| CVE-2022-31658 |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 7.2 HIGH V2.0:(not available) |
| CVE-2022-31657 |
VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2022-31656 |
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. Published: August 05, 2022; 12:15:12 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |