CVE-2021-22056

VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workspace_one_access:20.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workspace_one_access:20.10.01:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workspace_one_access:21.08:*:*:*:*:*:*:*
cpe:2.3:a:vmware:workspace_one_access:21.08.01:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Information

Published : 2021-12-20 13:15

Updated : 2022-01-03 10:53


NVD link : CVE-2021-22056

Mitre link : CVE-2021-22056


JSON object : View

CWE
CWE-918

Server-Side Request Forgery (SSRF)

Advertisement

dedicated server usa

Products Affected

vmware

  • vrealize_automation
  • identity_manager
  • workspace_one_access

linux

  • linux_kernel