SSRF Vulnerability in VMware Workspace ONE Access and Identity Manager
CVE-2021-22056

7.5HIGH

Key Information:

Vendor: Vmware
Status: Vmware Workspace One Access And Identity Manager
Vendor: CVE Published:; 20 December 2021

What is CVE-2021-22056?

VMware Workspace ONE Access and Identity Manager are susceptible to a Server Side Request Forgery (SSRF) vulnerability, which allows an attacker with network access to send crafted HTTP requests to arbitrary origins. This could enable the attacker to read the response from these requests, potentially leading to unauthorized information disclosure and further exploitation of the vulnerable system. Organizations using the affected versions should promptly apply recommended security patches to mitigate the risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

VMware Workspace ONE Access and Identity Manager VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3

References

https://www.vmware.com/security/advisories/VMSA-2021-0030...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 20, 2021
Vulnerability Reserved
Jan 4, 2021

JSON

Vmware

What is CVE-2021-22056?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.