Total vulnerabilities in the database
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
| Software | From | Fixed in |
|---|---|---|
| vmware / identity_manager | 3.3.4 | 3.3.4.x |
| vmware / identity_manager | 3.3.5 | 3.3.5.x |
| vmware / identity_manager | 3.3.6 | 3.3.6.x |
| vmware / one_access | 21.08.0.0 | 21.08.0.0.x |
| vmware / one_access | 21.08.0.1 | 21.08.0.1.x |
| vmware / access_connector | 21.08.0.0 | 21.08.0.0.x |
| vmware / access_connector | 21.08.0.1 | 21.08.0.1.x |
| vmware / access_connector | 22.05 | 22.05.x |
| vmware / identity_manager_connector | 3.3.4 | 3.3.4.x |
| vmware / identity_manager_connector | 3.3.5 | 3.3.5.x |
| vmware / identity_manager_connector | 3.3.6 | 3.3.6.x |
| vmware / identity_manager_connector | 19.03.0.1 | 19.03.0.1.x |