Overview
- Description
- VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
- Source
- security@vmware.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.1
- Impact score
- 6
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Known exploits
Data from CISA
- Vulnerability name
- Multiple VMware Products Command Injection Vulnerability
- Exploit added on
- Nov 3, 2021
- Exploit action due
- May 3, 2022
- Required action
- Apply updates per vendor instructions.
Weaknesses
- nvd@nist.gov
- CWE-78
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7DAA017-7535-47D6-A4C7-59F69ED0F43F"
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22BC2D96-5922-4995-B006-1BAB5FE51D93"
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA"
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CFFC72D-0068-49D0-B816-706CC2A2389C"
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE9DF6CB-58CF-49BE-B61C-F5115B333E81"
},
{
"criteria": "cpe:2.3:a:vmware:one_access:20.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A251628-E02A-42B2-85E4-71C2B6F09BF3"
},
{
"criteria": "cpe:2.3:a:vmware:one_access:20.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D86477D5-C441-490C-A9D3-9CDE47542191"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CFFC72D-0068-49D0-B816-706CC2A2389C"
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EE9DF6CB-58CF-49BE-B61C-F5115B333E81"
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D035B36-3D87-494F-B147-6D03F2B1A375"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E"
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862"
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0"
}
],
"operator": "OR"
}
]
}
]