CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
61.0%
VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
Vendor | Product | Version | CPE |
---|---|---|---|
vmware | access | 21.08.0.0 | cpe:2.3:a:vmware:access:21.08.0.0:*:*:*:*:linux:*:* |
vmware | access | 21.08.0.1 | cpe:2.3:a:vmware:access:21.08.0.1:*:*:*:*:linux:*:* |
vmware | cloud_foundation | - | cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:* |
microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
vmware | identity_manager | 3.3.6 | cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:* |