Vmware: Security Vulnerabilities
VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
CVSS Score
7.8
EPSS Score
0.098
Published
2022-08-05
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-05
VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.
CVSS Score
7.5
EPSS Score
0.02
Published
2022-08-05
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.
CVSS Score
6.1
EPSS Score
0.013
Published
2022-08-05
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-08-05
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.
CVSS Score
7.2
EPSS Score
0.058
Published
2022-08-05
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-07-14
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-07-13
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.
CVSS Score
5.4
EPSS Score
0.013
Published
2022-07-12
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.
CVSS Score
5.4
EPSS Score
0.013
Published
2022-07-12