Vulnerabilities > Vmware > Identity Manager > 3.3.2

DATE CVE VULNERABILITY TITLE RISK
2021-08-31 CVE-2021-22002 Improper Authentication vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header.
network
low complexity
vmware CWE-287
7.5
7.5
2021-08-31 CVE-2021-22003 Improper Restriction of Excessive Authentication Attempts vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443.
network
low complexity
vmware CWE-307
5.0
5.0
2020-11-23 CVE-2020-4006 Command Injection vulnerability in VMWare products
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
network
low complexity
vmware CWE-77
critical
 9.0
9.0