CVE-2021-22057

8.8HIGH

Key Information:

Vendor
Vmware
Vendor
CVE Published:
20 December 2021

Summary

VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass vulnerability. A malicious actor, who has successfully provided first-factor authentication, may be able to obtain second-factor authentication provided by VMware Verify.

Affected Version(s)

VMware Workspace ONE Access VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.