CVE-2021-22056
published 2021-12-20CVE-2021-22056: VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | vrealize_automation | — | — |
| vmware | vrealize_automation | 8.0 – 8.6 | — |
| vmware | workspace_one_access | — | — |
| vmware | workspace_one_access | — | — |
| vmware | workspace_one_access | — | — |
| vmware | workspace_one_access | — | — |