Shodan
Vulnerabilities
Vulnerable Software
Vmware:  >> Access Connector  Security Vulnerabilities
CVE-2022-31656
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
CVSS Score
9.8
EPSS Score
0.804
Published
2022-08-05
CVE-2022-31657
VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.
CVSS Score
9.8
EPSS Score
0.019
Published
2022-08-05
CVE-2022-31658
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.
CVSS Score
7.2
EPSS Score
0.1
Published
2022-08-05
CVE-2022-31659
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.
CVSS Score
7.2
EPSS Score
0.058
Published
2022-08-05
CVE-2022-31660
VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
CVSS Score
7.8
EPSS Score
0.082
Published
2022-08-05
CVE-2022-31661
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. A malicious actor with local access can escalate privileges to 'root'.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-08-05
CVE-2022-31662
VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.
CVSS Score
7.5
EPSS Score
0.019
Published
2022-08-05
CVE-2022-31663
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.
CVSS Score
6.1
EPSS Score
0.013
Published
2022-08-05
CVE-2022-31664
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-08-05


Products
Pricing
Contact Us

Shodan ® - All rights reserved