{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-22260", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2024-01-08T18:43:15.943Z", "datePublished": "2024-06-27T20:18:58.176Z", "dateUpdated": "2024-06-28T14:56:54.956Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "VMware Workspace One UEM", "vendor": "N/A", "versions": [{"status": "affected", "version": "VMware Workspace One UEM 23.10.x, VMware Workspace One UEM 23.6.x, VMware Workspace One UEM 23.4.x, VMware Workspace One UEM 22.12.x"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\nVMware Workspace One UEM update addresses an information exposure vulnerability. \nA malicious actor with network access to the Workspace One UEM may be \nable to perform an attack resulting in an information exposure.\n\n\n\n"}], "value": "VMware Workspace One UEM update addresses an information exposure vulnerability.\u00a0\nA malicious actor with network access to the Workspace One UEM may be \nable to perform an attack resulting in an information exposure."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "Information exposure vulnerability", "lang": "en"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2024-06-27T20:18:58.176Z"}, "references": [{"url": "https://www.vmware.com/security/advisories/OMSA-2024-0001.html"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "vmware", "product": "workspace_one_uem", "cpes": ["cpe:2.3:a:vmware:workspace_one_uem:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "23.10x", "status": "affected"}]}, {"vendor": "vmware", "product": "workspace_one_uem", "cpes": ["cpe:2.3:a:vmware:workspace_one_uem:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "23.6x", "status": "affected"}]}, {"vendor": "vmware", "product": "workspace_one_uem", "cpes": ["cpe:2.3:a:vmware:workspace_one_uem:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "23.4x", "status": "affected"}]}, {"vendor": "vmware", "product": "workspace_one_uem", "cpes": ["cpe:2.3:a:vmware:workspace_one_uem:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "22.12x", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-28T14:48:16.804419Z", "id": "CVE-2024-22260", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-28T14:56:54.956Z"}}]}}

{"descriptions": [{"lang": "en", "value": "VMware Workspace One UEM update addresses an information exposure vulnerability.\u00a0\nA malicious actor with network access to the Workspace One UEM may be \nable to perform an attack resulting in an information exposure."}], "id": "CVE-2024-22260", "lastModified": "2024-06-27T21:15:13.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.2, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2024-06-27T21:15:13.470", "references": [{"source": "security@vmware.com", "url": "https://www.vmware.com/security/advisories/OMSA-2024-0001.html"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Received"}

{}