Search criteria
6 vulnerabilities found for workspace_one_boxer by vmware
FKIE_CVE-2022-22944
Vulnerability from fkie_nvd - Published: 2022-03-02 21:15 - Updated: 2024-11-21 06:47
Severity ?
Summary
VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window.
References
| URL | Tags | ||
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0006.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0006.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | workspace_one_boxer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workspace_one_boxer:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "D5270305-B9A9-4C32-B73A-8FA64B693C07",
"versionEndExcluding": "22.02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user\u0027s window."
},
{
"lang": "es",
"value": "VMware Workspace ONE Boxer contiene una vulnerabilidad de tipo cross-site scripting (XSS) almacenada. Debido a un saneamiento y comprobaci\u00f3n insuficientes, en las descripciones de eventos de calendario de VMware Workspace ONE Boxer, un actor malicioso puede inyectar etiquetas de script para ejecutar un script arbitrario dentro de la ventana de un usuario"
}
],
"id": "CVE-2022-22944",
"lastModified": "2024-11-21T06:47:39.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-02T21:15:08.117",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-3940
Vulnerability from fkie_nvd - Published: 2020-01-17 18:15 - Updated: 2024-11-21 05:32
Severity ?
Summary
VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workspace_one_boxer:*:*:*:*:*:android:*:*",
"matchCriteriaId": "FCAAAA00-5DA8-4D7D-BFA3-D45A637032FE",
"versionEndExcluding": "5.13.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_content:*:*:*:*:*:android:*:*",
"matchCriteriaId": "D0D4F64D-4877-4BD2-8926-4600CAD3F804",
"versionEndExcluding": "3.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_content:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "602D8CAD-CF93-4311-9E59-D62F54B0816D",
"versionEndExcluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_intelligent_hub:*:*:*:*:*:android:*:*",
"matchCriteriaId": "391C27B6-A114-4451-B318-279D26AC79FB",
"versionEndExcluding": "19.11.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_notebook:*:*:*:*:*:android:*:*",
"matchCriteriaId": "1A508AC6-131F-4A0F-B292-1006059ECD16",
"versionEndExcluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_people:*:*:*:*:*:android:*:*",
"matchCriteriaId": "CFB2EFB3-E93C-4A5D-95B2-0F3B3DE1CBF2",
"versionEndExcluding": "1.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_piv-d_manager:*:*:*:*:*:android:*:*",
"matchCriteriaId": "80356ACB-FA05-4BE6-A78E-34613B23D574",
"versionEndExcluding": "1.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_sdk:*:*:*:*:*:xamarin:*:*",
"matchCriteriaId": "339F4720-437E-4C2C-8B61-44811DA224A2",
"versionEndExcluding": "1.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_sdk:*:*:*:*:*:apache_cordova:*:*",
"matchCriteriaId": "2B2AD677-A184-4F47-AD07-FE7373E1740C",
"versionEndExcluding": "1.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_sdk:*:*:*:*:*:android:*:*",
"matchCriteriaId": "EE938B0B-31E7-4783-8844-2BFC58E378BB",
"versionEndExcluding": "19.11.1",
"versionStartIncluding": "19.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_sdk_\\(objective-c\\):*:*:*:*:iphone_os:*:*:*",
"matchCriteriaId": "1504AEEB-34D4-4E61-B9B9-2362A58FAA19",
"versionEndExcluding": "5.9.9.8",
"versionStartIncluding": "5.9.9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_web:*:*:*:*:*:android:*:*",
"matchCriteriaId": "CFC2C542-41D1-4982-9D41-1C25A2715A74",
"versionEndExcluding": "7.10.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability."
},
{
"lang": "es",
"value": "VMware Workspace ONE SDK y las actualizaciones de aplicaciones m\u00f3viles dependientes abordan la vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n confidencial."
}
],
"id": "CVE-2020-3940",
"lastModified": "2024-11-21T05:32:00.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-17T18:15:13.290",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-22944 (GCVE-0-2022-22944)
Vulnerability from cvelistv5 – Published: 2022-03-02 20:50 – Updated: 2024-08-03 03:28
VLAI?
Summary
VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window.
Severity ?
No CVSS data available.
CWE
- Stored cross-site scripting (XSS) vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Boxer |
Affected:
VMware Workspace ONE Boxer for iOS prior to 22.02
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Boxer",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Workspace ONE Boxer for iOS prior to 22.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user\u0027s window."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored cross-site scripting (XSS) vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-02T20:50:17",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Boxer",
"version": {
"version_data": [
{
"version_value": "VMware Workspace ONE Boxer for iOS prior to 22.02"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user\u0027s window."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored cross-site scripting (XSS) vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22944",
"datePublished": "2022-03-02T20:50:17",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3940 (GCVE-0-2020-3940)
Vulnerability from cvelistv5 – Published: 2020-01-17 17:59 – Updated: 2024-08-04 07:52
VLAI?
Summary
VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability.
Severity ?
No CVSS data available.
CWE
- Sensitive information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workspace ONE SDK |
Affected:
Workspace ONE SDK for Android prior to 19.11.1 and Workspace ONE SDK for iOS (Objective-C) prior to 5.9.9.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workspace ONE SDK",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "Workspace ONE SDK for Android prior to 19.11.1 and Workspace ONE SDK for iOS (Objective-C) prior to 5.9.9.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sensitive information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-17T17:59:29",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workspace ONE SDK",
"version": {
"version_data": [
{
"version_value": "Workspace ONE SDK for Android prior to 19.11.1 and Workspace ONE SDK for iOS (Objective-C) prior to 5.9.9.8"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sensitive information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3940",
"datePublished": "2020-01-17T17:59:29",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22944 (GCVE-0-2022-22944)
Vulnerability from nvd – Published: 2022-03-02 20:50 – Updated: 2024-08-03 03:28
VLAI?
Summary
VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user's window.
Severity ?
No CVSS data available.
CWE
- Stored cross-site scripting (XSS) vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Boxer |
Affected:
VMware Workspace ONE Boxer for iOS prior to 22.02
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Boxer",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Workspace ONE Boxer for iOS prior to 22.02"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user\u0027s window."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored cross-site scripting (XSS) vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-02T20:50:17",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Boxer",
"version": {
"version_data": [
{
"version_value": "VMware Workspace ONE Boxer for iOS prior to 22.02"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability. Due to insufficient sanitization and validation, in VMware Workspace ONE Boxer calendar event descriptions, a malicious actor can inject script tags to execute arbitrary script within a user\u0027s window."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored cross-site scripting (XSS) vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22944",
"datePublished": "2022-03-02T20:50:17",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3940 (GCVE-0-2020-3940)
Vulnerability from nvd – Published: 2020-01-17 17:59 – Updated: 2024-08-04 07:52
VLAI?
Summary
VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability.
Severity ?
No CVSS data available.
CWE
- Sensitive information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | Workspace ONE SDK |
Affected:
Workspace ONE SDK for Android prior to 19.11.1 and Workspace ONE SDK for iOS (Objective-C) prior to 5.9.9.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Workspace ONE SDK",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "Workspace ONE SDK for Android prior to 19.11.1 and Workspace ONE SDK for iOS (Objective-C) prior to 5.9.9.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sensitive information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-17T17:59:29",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Workspace ONE SDK",
"version": {
"version_data": [
{
"version_value": "Workspace ONE SDK for Android prior to 19.11.1 and Workspace ONE SDK for iOS (Objective-C) prior to 5.9.9.8"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sensitive information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3940",
"datePublished": "2020-01-17T17:59:29",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}