Back to KEVs

CVE-2020-4006

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.

Basic Information

CVE State
PUBLISHED
Reserved Date
December 30, 2019
Published Date
November 23, 2020
Last Updated
February 04, 2025
Vendor
n/a
Product
VMware Workspace One Access (Access), VMware Workspace One Access Connector (Access Connector), VMware Identity Manager (vIDM), VMware Identity Manager Connector (vIDM Connector), VMware Cloud Foundation, vRealize Suite Lifecycle Manager
Description
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.

CVSS Scores

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2021-11-03 00:00:00 UTC) Source

References

https://www.vmware.com/security/advisories/VMSA-2020-0027.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2021-11-03 00:00:00 UTC