First published: Wed Apr 13 2022
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework.
Credit: security@vmware.com
Affected Software | Affected Version | How to fix |
---|---|---|
VMware Identity Manager | =3.3.3 | |
VMware Identity Manager | =3.3.4 | |
VMware Identity Manager | =3.3.5 | |
VMware Identity Manager | =3.3.6 | |
VMware vRealize Automation | >=8.0<9.0 | |
VMware vRealize Automation | =7.6 | |
VMware Workspace ONE Access | =20.10.0.0 | |
VMware Workspace ONE Access | =20.10.0.1 | |
VMware Workspace ONE Access | =21.08.0.0 | |
VMware Workspace ONE Access | =21.08.0.1 | |
Linux Linux kernel | | |
CVE-2022-22956 is a vulnerability in VMware Workspace ONE Access that allows for authentication bypass.
CVE-2022-22956 has a severity score of 9.8, which is considered critical.
CVE-2022-22956 affects VMware Identity Manager versions 3.3.3, 3.3.4, 3.3.5, and 3.3.6, as well as VMware Workspace ONE Access versions 20.10.0.0, 20.10.0.1, 21.08.0.0, and 21.08.0.1.
A malicious actor can exploit CVE-2022-22956 by bypassing the authentication mechanism and executing any operation, because endpoints in the authentication framework are exposed.
References for CVE-2022-22956 are available at the following links: http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html, http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html, and https://www.vmware.com/security/advisories/VMSA-2022-0011.html.