CVE-2020-4006

Published: Nov 23, 2020
Updated: Apr 14, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-4006" target="_blank" rel="noopener"> CVE-2020-4006
Severity: Critical
Exploit:

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
vmware / identity_manager	3.3.1	3.3.1.x
vmware / identity_manager	3.3.2	3.3.2.x
vmware / identity_manager	3.3.3	3.3.3.x
vmware / identity_manager_connector	3.3.1	3.3.1.x
vmware / identity_manager_connector	3.3.2	3.3.2.x
vmware / one_access	20.01	20.01.x
vmware / one_access	20.10	20.10.x
vmware / identity_manager_connector	3.3.3	3.3.3.x
vmware / vrealize_suite_lifecycle_manager	8.0	8.2.x
vmware / cloud_foundation	4.0	4.0.x
vmware / cloud_foundation	4.0.1	4.0.1.x