VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2021-0030.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-12-20 13:15
Updated : 2022-01-03 10:53
NVD link : CVE-2021-22056
Mitre link : CVE-2021-22056
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
vmware
- vrealize_automation
- identity_manager
- workspace_one_access
linux
- linux_kernel