CVE-2022-22961
published 2022-04-13CVE-2022-22961: VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 3.0 < 5.0 | 5.0 |
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | vrealize_automation | — | — |
| vmware | vrealize_automation | >= 8.0 < 9.0 | 9.0 |
| vmware | vrealize_suite_lifecycle_manager | >= 8.0 < 9.0 | 9.0 |
| vmware | workspace_one_access | — | — |
| vmware | workspace_one_access | — | — |
| vmware | workspace_one_access | — | — |
| vmware | workspace_one_access | — | — |