CVSS: 7.8EPSS: 1%CPEs: 14EXPL: 0CVE-2022-31662
https://notcve.org/view.php?id=CVE-2022-31662
05 Aug 2022 — VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files. VMware Workspace ONE Access, Identity Manager, Connectors y vRealize Automation contienen una vulnerabilidad de salto de ruta. Un actor malicioso con acceso a la red puede ser capaz de acceder a archivos arbitrarios • https://www.vmware.com/security/advisories/VMSA-2022-0021.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 7%CPEs: 14EXPL: 1CVE-2022-31660 – VMware Workspace ONE Access Privilege Escalation
https://notcve.org/view.php?id=CVE-2022-31660
04 Aug 2022 — VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'. VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen una vulnerabilidad de escalada de privilegios. Un actor malicioso con acceso local puede escalar los privilegios a "root" VMware Workspace ONE Access contains a vulnerability whereby the horizon user can escalate their privileges to those of the ... • https://packetstorm.news/files/id/167973 •