Vulnerabilities > Vmware > Identity Manager > 3.3.2

DATE CVE VULNERABILITY TITLE RISK
2021-08-31 CVE-2021-22002 Improper Authentication vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header.
network
low complexity
vmware CWE-287
critical
9.8
2021-08-31 CVE-2021-22003 Improper Restriction of Excessive Authentication Attempts vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443.
network
low complexity
vmware CWE-307
7.5
2020-11-23 CVE-2020-4006 OS Command Injection vulnerability in VMWare products
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
network
low complexity
vmware CWE-78
critical
9.1