VMware Releases Patches for New Vulnerabilities Affecting Multiple Products
VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks.
The first of the two flaws, tracked as CVE-2022-22972, concerns an authentication bypass that could enable an actor with network access to the UI to gain administrative access without prior authentication.
The disclosure follows a warning from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) that advanced persistent threat groups are exploiting CVE-2022-22954 and CVE-2022-22960, two other VMware flaws that were fixed early last month, both separately and in combination.
"An unauthenticated actor with network access to the web interface leveraged CVE-2022-22954 to execute an arbitrary shell command as a VMware user," it said.
"CISA expects threat actors to quickly develop a capability to exploit these newly released vulnerabilities in the same impacted VMware products," the agency said.
The agency has also released a follow-up advisory regarding the active exploitation of CVE-2022-1388, a recently disclosed remote code execution flaw affecting BIG-IP devices.
News URL
https://thehackernews.com/2022/05/vmware-releases-patches-for-new.html
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-20 | CVE-2022-22972 | Unspecified vulnerability in VMware products. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |
2022-05-05 | CVE-2022-1388 | Missing Authentication for Critical Function vulnerability in F5 products. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. | 9.8 |
2022-04-13 | CVE-2022-22960 | Incorrect Permission Assignment for Critical Resource vulnerability in VMware products. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. | 7.8 |
2022-04-11 | CVE-2022-22954 | Code Injection vulnerability in VMware products. VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. | 10.0 |