CVE-2022-22959

Summary

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Workspace ONE Access, Identity Manager and vRealize AutomationAccess 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6.affected

Weaknesses

  • Cross site request forgery

ADP Enrichment

CVE Program Container

Additional References

References