VMware Workspace ONE Access and VMware Identity Manager could allow a local authenticated attacker to gain elevated privileges on the system. An attacker could exploit this vulnerability to gain root privileges.
VMware Workspace ONE Access, VMware Identity Manager, and VMware vRealize Automation could allow a remote attacker to bypass security restrictions. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain administrative access.
This is a critical vulnerability. Patch Now!
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.
Procedure to apply the Workaround:
Procedure to revert the Workaround:
Use these steps only after applying the Hotfixes or if there is a lock out