Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware identity manager vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2016-5334
VMware Identity Manager 2.x prior to 2.7.1 and vRealize Automation 7.x prior to 7.2.0 allow remote malicious users to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors.
Vmware Identity Manager
Vmware Vrealize Automation
7.8
CVSSv3
CVE-2016-5335
VMware Identity Manager 2.x prior to 2.7 and vRealize Automation 7.0.x prior to 7.1 allow local users to obtain root access via unspecified vectors.
Vmware Identity Manager
Vmware Vrealize Automation
7.8
CVSSv3
CVE-2022-22973
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Vrealize Suite Lifecycle Manager 8.0
Vmware Vrealize Suite Lifecycle Manager 8.0.1
Vmware Vrealize Suite Lifecycle Manager 8.1
Vmware Vrealize Suite Lifecycle Manager 8.2
Vmware Cloud Foundation 4.1
Vmware Cloud Foundation 4.2.1
Vmware Cloud Foundation 4.1.0.1
Vmware Cloud Foundation 4.3.1
Vmware Cloud Foundation 4.3
Vmware Cloud Foundation 4.2
Vmware Vrealize Suite Lifecycle Manager 8.8
Vmware Vrealize Suite Lifecycle Manager 8.7
1 Article
9.8
CVSSv3
CVE-2022-22972
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation 7.6
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Vrealize Suite Lifecycle Manager 8.0
Vmware Vrealize Suite Lifecycle Manager 8.0.1
Vmware Vrealize Suite Lifecycle Manager 8.1
Vmware Vrealize Suite Lifecycle Manager 8.2
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
6 Github repositories
2 Articles
7.5
CVSSv3
CVE-2021-22003
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy c...
Vmware Identity Manager 3.3.2
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Workspace One Access 20.01
Vmware Workspace One Access 20.10
Vmware Workspace One Access 20.10.01
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Cloud Foundation 4.1
Vmware Cloud Foundation 4.1.0.1
Vmware Cloud Foundation 4.2.1
Vmware Vrealize Suite Lifecycle Manager 8.0
Vmware Vrealize Suite Lifecycle Manager 8.0.1
Vmware Vrealize Suite Lifecycle Manager 8.1
Vmware Vrealize Suite Lifecycle Manager 8.2
9.8
CVSSv3
CVE-2021-22002
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /c...
Vmware Identity Manager 3.3.2
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Workspace One Access 20.01
Vmware Workspace One Access 20.10
Vmware Workspace One Access 20.10.01
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Cloud Foundation 4.1
Vmware Cloud Foundation 4.1.0.1
Vmware Cloud Foundation 4.2.1
Vmware Vrealize Suite Lifecycle Manager 8.0
Vmware Vrealize Suite Lifecycle Manager 8.0.1
Vmware Vrealize Suite Lifecycle Manager 8.1
Vmware Vrealize Suite Lifecycle Manager 8.2
9.1
CVSSv3
CVE-2020-4006
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
Vmware Identity Manager 3.3.1
Vmware Identity Manager 3.3.2
Vmware Identity Manager 3.3.3
Vmware Identity Manager Connector 3.3.1
Vmware Identity Manager Connector 3.3.2
Vmware One Access 20.01
Vmware One Access 20.10
Vmware Identity Manager Connector 3.3.3
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Vrealize Suite Lifecycle Manager
2 Articles
9.8
CVSSv3
CVE-2022-22954
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
Vmware Identity Manager 3.3.3
Vmware Vrealize Automation 7.6
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Vrealize Automation
Vmware Identity Manager 3.3.6
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 21.08.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Vrealize Suite Lifecycle Manager
Vmware Cloud Foundation
1 Metasploit module
25 Github repositories
3 Articles
4.3
CVSSv3
CVE-2022-22959
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation 7.6
Vmware Vrealize Automation
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
7.8
CVSSv3
CVE-2022-31661
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'.
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware One Access 21.08.0.0
Vmware One Access 21.08.0.1
Vmware Access Connector 21.08.0.0
Vmware Access Connector 21.08.0.1
Vmware Access Connector 22.05
Vmware Identity Manager Connector 3.3.4
Vmware Identity Manager Connector 3.3.5
Vmware Identity Manager Connector 3.3.6
Vmware Identity Manager Connector 19.03.0.1
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »