Total vulnerabilities in the database
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.
| Software | From | Fixed in |
|---|---|---|
| vmware / cloud_foundation | 3.0 | 5.0 |
| vmware / identity_manager | 3.3.3 | 3.3.3.x |
| vmware / identity_manager | 3.3.4 | 3.3.4.x |
| vmware / identity_manager | 3.3.5 | 3.3.5.x |
| vmware / identity_manager | 3.3.6 | 3.3.6.x |
| vmware / vrealize_automation | 8.0 | 9.0 |
| vmware / vrealize_automation | 7.6 | 7.6.x |
| vmware / vrealize_suite_lifecycle_manager | 8.0 | 9.0 |
| vmware / workspace_one_access | 20.10.0.0 | 20.10.0.0.x |
| vmware / workspace_one_access | 20.10.0.1 | 20.10.0.1.x |
| vmware / workspace_one_access | 21.08.0.0 | 21.08.0.0.x |
| vmware / workspace_one_access | 21.08.0.1 | 21.08.0.1.x |