PT-2021-3779 · Vmware · Cloud Foundation+4
Published 2021-08-05 · Updated 2021-09-09 · CVE-2021-22002
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
VMware Workspace ONE Access and Identity Manager (affected versions not specified)
VMware Identity Manager (affected versions not specified)
vRealize Automation (affected versions not specified)
Cloud Foundation (affected versions not specified)
vRealize Suite Lifecycle Manager (affected versions not specified)
Description
The issue stems from insufficient validation of incoming requests: a malicious actor with network access to port 443 can tamper with the Host header to reach the /cfg web app and diagnostic endpoints without authentication. Specially crafted HTTP requests sent through port 443 could therefore be used to mount a Server-Side Request Forgery (SSRF) attack, giving the actor access to sensitive areas of the application.
Recommendations
For VMware Workspace ONE Access and Identity Manager, consider restricting access to the /cfg web app and diagnostic endpoints on port 8443 to prevent unauthorized access via port 443.
For VMware Identity Manager, vRealize Automation, Cloud Foundation, and vRealize Suite Lifecycle Manager, restrict access to sensitive areas of the application to minimize the risk of SSRF attacks.
As a temporary workaround, consider disabling access to the /cfg web app and diagnostic endpoints until a patch is available.
Avoid accepting custom Host headers on port 443, since a tampered Host header is what allows access to sensitive areas of the application.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
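The recommendations above come down to one design rule: the port a request arrived on, not the client-controlled Host header, must decide whether management endpoints are reachable, and those endpoints must still demand authentication. The following is an added illustration of that rule, not VMware's code or anything derived from the affected products. The host names, the /diagnostics prefix (the page only says "diagnostic endpoints"), and the request structure are constructed for the example; only /cfg and the 443/8443 split come from the advisory.

```python
"""Added example (not VMware's code): a request gate that stops the Host header
from deciding which endpoints a caller can reach.

Constructed for illustration: the host names, the /diagnostics prefix (placeholder),
and the Request shape. Only /cfg and the 443/8443 split come from the advisory.
"""
import posixpath
from dataclasses import dataclass

ALLOWED_HOSTS = {"access.example.internal", "mgmt.example.internal"}  # constructed
MANAGEMENT_HOST = "mgmt.example.internal"                              # constructed
SENSITIVE_PREFIXES = ("/cfg", "/diagnostics")                          # /diagnostics is a placeholder
MANAGEMENT_PORT = 8443


@dataclass(frozen=True)
class Request:
    port: int            # listener the connection actually arrived on
    host: str            # raw Host header as sent by the client
    path: str            # raw request path, may include a query string
    authenticated: bool  # whether a valid session was presented


def normalize_host(raw: str) -> str:
    """Lower-case the Host header and drop any :port suffix."""
    host = raw.strip().lower()
    if host.startswith("["):                 # IPv6 literal, e.g. [::1]:443
        return host[1:].split("]", 1)[0]
    return host.split(":", 1)[0]


def normalize_path(raw: str) -> str:
    """Strip the query string and collapse '.'/'..' so /cfg/../cfg/x reads as /cfg/x."""
    bare = raw.split("?", 1)[0]
    return posixpath.normpath("/" + bare.lstrip("/"))


def is_sensitive(path: str) -> bool:
    """Match whole path segments: /cfg and /cfg/... but not /cfgfoo."""
    return any(path == p or path.startswith(p + "/") for p in SENSITIVE_PREFIXES)


def route_by_host(req: Request) -> str:
    """Weak pattern: the Host header alone selects the management app, so a
    client on port 443 that writes Host: mgmt.example.internal lands there."""
    if normalize_host(req.host) == MANAGEMENT_HOST:
        return "management-app"
    return "public-app"


def gate(req: Request) -> tuple:
    """Hardened check. Returns (allowed, reason).

    An unknown Host is rejected outright; for sensitive paths the listening
    port, not the Host header, decides reachability, and a session is required."""
    host = normalize_host(req.host)
    if host not in ALLOWED_HOSTS:
        return False, "host-not-allowed"
    path = normalize_path(req.path)
    if is_sensitive(path):
        if req.port != MANAGEMENT_PORT:
            return False, "sensitive-path-on-public-port"
        if not req.authenticated:
            return False, "unauthenticated"
    return True, "ok"


if __name__ == "__main__":
    # Constructed requests: an external client on 443 with a forged Host header
    # aiming at /cfg, versus a legitimate management session on 8443.
    forged = Request(443, "mgmt.example.internal", "/cfg/../cfg/status", False)
    legit = Request(8443, "mgmt.example.internal", "/cfg/status", True)
    print("host-based routing:", route_by_host(forged))  # management-app
    print("gate(forged):", gate(forged))                  # (False, 'sensitive-path-on-public-port')
    print("gate(legit):", gate(legit))                    # (True, 'ok')
```

The contrast worth noticing is between `route_by_host`, where a forged Host header is enough to be handed to the management application, and `gate`, where the same request is refused because it did not arrive on the management listener. Path normalization runs before the prefix match so that dot-segment variants of /cfg are judged the same way as the plain path.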
Weakness Types
Improper Authentication
SSRF