Tuesday 08 December 2020
The impact of this issue announcement is critical. Please act accordingly to rectify the issue, as stated below.
- VMware Workspace One Access (Access)
- VMware Workspace One Access Connector (Access Connector)
- VMware Identity Manager (vIDM)
- VMware Identity Manager Connector (vIDM Connector)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
What you need to know:
According to the National Security Agency, state-sponsored malicious cyber actors are exploiting CVE-2020-4006, a command injection vulnerability in VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector.