CVE-2021-22056

Summary

VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Workspace ONE Access and Identity ManagerVMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3affected

Weaknesses

  • VMware Workspace Access and Identity Manager patches SSRF vulnerability

ADP Enrichment

CVE Program Container

Additional References

References