VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
https://www.tenable.com/blog/cve-2020-4006-vmware-command-injection-flaw-exploited-by-russian-state-sponsored-threat-actors
https://www.vmware.com/security/advisories/VMSA-2020-0027.html
Source: Mitre, NVD
Published: 2020-11-23
Base Score: 9
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
Severity: High
Base Score: 9.1
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Severity: Critical