Vmware: >> Workspace One Access >> 21.08.0.1 Security Vulnerabilities
CVE-2022-22954
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
Known exploited
CVSS Score
9.8
EPSS Score
0.944
Published
2022-04-11
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass vulnerability. A malicious actor, who has successfully provided first-factor authentication, may be able to obtain second-factor authentication provided by VMware Verify.
CVSS Score
8.8
EPSS Score
0.002
Published
2021-12-20
Page 2