CVE-2022-31660
First published: Fri Aug 05 2022(Updated: )
VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
Credit: security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware Workspace ONE Access and Identity Manager | =3.3.4 | |
| VMware Workspace ONE Access and Identity Manager | =3.3.5 | |
| VMware Workspace ONE Access and Identity Manager | =3.3.6 | |
| VMware Workspace ONE Access | =21.08.0.0 | |
| VMware Workspace ONE Access | =21.08.0.1 | |
| Linux Kernel | ||
| VMware Access | =21.08.0.0 | |
| VMware Access | =21.08.0.1 | |
| VMware Access | =22.05 | |
| VMware Identity Manager Connector | =3.3.4 | |
| VMware Identity Manager Connector | =3.3.5 | |
| VMware Identity Manager Connector | =3.3.6 | |
| VMware Identity Manager Connector | =19.03.0.1 | |
| Microsoft Windows Operating System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-31660.
What is the severity of CVE-2022-31660?
The severity of CVE-2022-31660 is high (7.8).
Which software is affected by CVE-2022-31660?
VMware Workspace ONE Access, Identity Manager, and vRealize Automation version 3.3.4, 3.3.5, and 3.3.6 are affected. VMware One Access version 21.08.0.0 and 21.08.0.1 are also affected.
What is the impact of the vulnerability?
The vulnerability allows a malicious actor with local access to escalate privileges to 'root'.
Is the Linux Kernel vulnerable to CVE-2022-31660?
No, the Linux Kernel is not vulnerable to CVE-2022-31660.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/author
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/vmware
- canonical/vmware workspace one access and identity manager
- version/vmware workspace one access and identity manager/3.3.4
- version/vmware workspace one access and identity manager/3.3.5
- version/vmware workspace one access and identity manager/3.3.6
- canonical/vmware workspace one access
- version/vmware workspace one access/21.08.0.0
- version/vmware workspace one access/21.08.0.1
- vendor/linux
- canonical/linux kernel
- canonical/vmware access
- version/vmware access/21.08.0.0
- version/vmware access/21.08.0.1
- version/vmware access/22.05
- canonical/vmware identity manager connector
- version/vmware identity manager connector/3.3.4
- version/vmware identity manager connector/3.3.5
- version/vmware identity manager connector/3.3.6
- version/vmware identity manager connector/19.03.0.1
- vendor/microsoft
- canonical/microsoft windows operating system