CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-4006

Known Exploited (CISA KEV)CRITICAL
9.1
CVSS Severity Score
EPSS Score54.8400%
EPSS Percentile96.43th
Published2020年11月23日
Last Modified2025年10月30日

Vulnerability Description

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.

Affected Platforms (CPE)

📦
Vmware

Identity Manager

= 3.3.1
📦
Vmware

Identity Manager

= 3.3.2
📦
Vmware

Identity Manager

= 3.3.3
📦
Vmware

Identity Manager Connector

= 3.3.1
📦
Vmware

Identity Manager Connector

= 3.3.2
📦
Vmware

One Access

= 20.01
📦
Vmware

One Access

= 20.10
📦
Vmware

Identity Manager Connector

= 3.3.3
📦
Vmware

Cloud Foundation

= 4.0
📦
Vmware

Cloud Foundation

= 4.0.1
📦
Vmware

Vrealize Suite Lifecycle Manager

>= 8.0 and <= 8.2

References & Advisories

🔗 https://www.vmware.com/security/advisories/VMSA-2020-0027.html
🔗 https://www.kb.cert.org/vuls/id/724367
🔗 https://www.vmware.com/security/advisories/VMSA-2020-0027.html
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-4006

関連する脆弱性情報

CVE-2011-313510.0

Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated...

CVE-2020-1184410.0

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Ma...

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2011-313610.0

Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivol...