CVE-2023-20884
published 2023-05-30CVE-2023-20884: VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | identity_manager | — | — |
| vmware | identity_manager | — | — |
| vmware | workspace_one_access | 21.0.8.0 – 22.09.1.0 | — |