Je hebt een klacht over de onderstaande posting:
Hmm, wel erg grote lekken: Lek #1 A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. Lek #2 A malicious actor with administrator and network access can trigger a remote code execution. Lek #3 A malicious actor with local access can escalate privileges to 'root'. Lek #4 A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain. Lek #5 A malicious actor with network access may be able to access arbitrary files. Lek #6 Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window. Dit zou toch niet meer moeten kunnen anno 2022 voor software met zulke impact als VMware Workspace ONE Access, VMware Workspace ONE Access Connector, VMware Identity Manager, VMware Identity Manager Connector, VMware vRealize Automation, VMware Cloud Foundation en vRealize Suite Lifecycle Manager...
Beschrijf je klacht (Optioneel):