Lucene search
HistoryAug 05, 2022 - 4:15 p.m.
CVE-2022-31657
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.8%
VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.
Affected configurations
Node
vmwareidentity_managerMatch3.3.4
ORvmwareidentity_managerMatch3.3.5
ORvmwareidentity_managerMatch3.3.6
ORvmwareone_accessMatch21.08.0.0
ORvmwareone_accessMatch21.08.0.1
linuxlinux_kernelMatch-
Node
vmwareaccess_connectorMatch21.08.0.0
ORvmwareaccess_connectorMatch21.08.0.1
ORvmwareaccess_connectorMatch22.05
ORvmwareidentity_manager_connectorMatch3.3.4
ORvmwareidentity_manager_connectorMatch3.3.5
ORvmwareidentity_manager_connectorMatch3.3.6
ORvmwareidentity_manager_connectorMatch19.03.0.1
microsoftwindowsMatch-
Related
prion
prion
Design/Logic Flaw
2022-08-05 16:15:00
cve
cve
CVE-2022-31657
2022-08-05 16:15:12
cvelist
cvelist
CVE-2022-31657
2022-08-05 15:07:39
threatpost
threatpost
VMWare Urges Users to Patch Critical Authentication Bypass Bug
2022-08-03 15:23:16
thn
thn
VMware Releases Patches for Several New Flaws Affecting Multiple Products
2022-08-03 04:49:00
nessus
nessus
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.8%
Related for NVD:CVE-2022-31657