CVE-2022-22961

Summary

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Workspace ONE Access, Identity Manager and vRealize AutomationAccess 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6.affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References