Critical severity9.8NVD Advisory· Published Aug 31, 2021· Updated Jun 17, 2026
CVE-2021-22002
CVE-2021-22002
Description
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- VMware/Workspace ONE Access and Identity Managerdescription
Patches
Vulnerability mechanics
References
1- www.vmware.com/security/advisories/VMSA-2021-0016.htmlnvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.