CVE-2022-31657
published 2022-08-05CVE-2022-31657: VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | access_connector | — | — |
| vmware | access_connector | — | — |
| vmware | access_connector | — | — |
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | identity_manager_connector | — | — |
| vmware | identity_manager_connector | — | — |
| vmware | identity_manager_connector | — | — |
| vmware | identity_manager_connector | — | — |
| vmware | one_access | — | — |
| vmware | one_access | — | — |