vulnerability

VMware Workspace ONE Access: CVE-2021-22003: Information Disclosure Vulnerability in VMware Workspace One Access (VMSA-2021-0016)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Aug 31, 2021	Sep 24, 2021	Aug 11, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 31, 2021

Added

Sep 24, 2021

Modified

Aug 11, 2025

Description

VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account.

Solutions

vmware-workspace-one-access-upgrade-20_01_0_0_17267236vmware-workspace-one-access-upgrade-20_10_01_0_17267238vmware-workspace-one-access-upgrade-20_10_0_0_17267237

References

CVE-2021-22003
https://attackerkb.com/topics/CVE-2021-22003
CWE-307
URL-http://www.vmware.com/security/advisories/VMSA-2021-0016.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today