Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2022-31663

Published: 05/08/2022 Updated: 11/08/2022
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Identity Manager

Vulnerability Summary

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vmware identity_manager 3.3.4

vmware identity_manager 3.3.5

vmware identity_manager 3.3.6

vmware one_access 21.08.0.1

vmware one_access 21.08.0.0

vmware identity_manager_connector 3.3.4

vmware identity_manager_connector 3.3.5

vmware identity_manager_connector 3.3.6

vmware identity_manager_connector 19.03.0.1

vmware access_connector 21.08.0.1

vmware access_connector 21.08.0.0

vmware access_connector 22.05

Vendor Advisories

VMware Security Advisories:
Sign up for Security Advisories Stay up to date on the latest VMware Security advisories and updates ...

References

CWE-79https://www.vmware.com/security/advisories/VMSA-2022-0021.htmlhttps://nvd.nist.govhttps://www.vmware.com/security/advisories/VMSA-2022-0021.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook