VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.
2022-08-05T16:15:12.900
2024-11-21T07:05:04.837
Modified
CVSSv3.1: 6.1 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | vmware | identity_manager | 3.3.4 | Yes |
| Application | vmware | identity_manager | 3.3.5 | Yes |
| Application | vmware | identity_manager | 3.3.6 | Yes |
| Application | vmware | one_access | 21.08.0.0 | Yes |
| Application | vmware | one_access | 21.08.0.1 | Yes |
| Operating System | linux | linux_kernel | - | No |
| Application | vmware | access_connector | 21.08.0.0 | Yes |
| Application | vmware | access_connector | 21.08.0.1 | Yes |
| Application | vmware | access_connector | 22.05 | Yes |
| Application | vmware | identity_manager_connector | 3.3.4 | Yes |
| Application | vmware | identity_manager_connector | 3.3.5 | Yes |
| Application | vmware | identity_manager_connector | 3.3.6 | Yes |
| Application | vmware | identity_manager_connector | 19.03.0.1 | Yes |
| Operating System | microsoft | windows | - | No |