VMware Releases Patches for New Vulnerabilities Affecting Multiple Products
2022-05-18 22:48

VMware has issued patches for two security flaws in Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks.

The first of the two flaws, tracked as CVE-2022-22972, concerns an authentication bypass that could enable an actor with network access to the UI to gain administrative access without prior authentication.

The disclosure follows a warning from the U.S. Cybersecurity and Infrastructure Agency that advanced persistent threat groups are exploiting CVE-2022-22954 and CVE-2022-22960 - two other VMware flaws that were fixed early last month - separately and in combination.

"An unauthenticated actor with network access to the web interface leveraged CVE-2022-22954 to execute an arbitrary shell command as a VMware user," it said.

"CISA expects threat actors to quickly develop a capability to exploit these newly released vulnerabilities in the same impacted VMware products," the agency said.

The agency has also released a follow-up advisory with regards to the active exploitation of CVE-2022-1388, a recently disclosed remote code execution flaw affecting BIG-IP devices.


News URL

https://thehackernews.com/2022/05/vmware-releases-patches-for-new.html

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE                                                                     RISK
2022-05-20  CVE-2022-22972  Unspecified vulnerability in VMWare products                                            critical 9.8
                            VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users.
                            Attack vector: network; complexity: low; vendor: vmware
2022-05-05  CVE-2022-1388   Missing Authentication for Critical Function vulnerability in F5 products               critical 9.8
                            On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication.
                            Attack vector: network; complexity: low; vendor: f5; CWE-306
2022-04-13  CVE-2022-22960  Incorrect Permission Assignment for Critical Resource vulnerability in VMWare products  7.8
                            VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.
                            Attack vector: local; complexity: low; vendor: vmware; CWE-732
2022-04-11  CVE-2022-22954  Code Injection vulnerability in VMWare products                                         critical 9.8
                            VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection.
                            Attack vector: network; complexity: low; vendor: vmware; CWE-94
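As an added defender-side example (not code from this page, from F5 or from VMware), the following Python triages BIG-IP version strings against the CVE-2022-1388 affected ranges quoted in the table above. The hostnames and versions in the sample inventory are constructed for illustration, and a version on a branch the advisory does not list is reported as unknown rather than safe.

```python
"""Triage BIG-IP versions against the CVE-2022-1388 ranges quoted above."""
from typing import Dict, Optional, Tuple

# Affected branches as stated in the advisory: branch -> first fixed version.
# None means every release on that branch is affected (12.1.x and 11.6.x).
AFFECTED_BRANCHES: Dict[Tuple[int, int], Optional[Tuple[int, ...]]] = {
    (16, 1): (16, 1, 2, 2),
    (15, 1): (15, 1, 5, 1),
    (14, 1): (14, 1, 4, 6),
    (13, 1): (13, 1, 5),
    (12, 1): None,
    (11, 6): None,
}

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '16.1.2.1' into (16, 1, 2, 1); reject anything non-numeric."""
    parts = text.strip().split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)

def is_affected(version: str) -> Optional[bool]:
    """True = inside an affected range; False = at or after the fixed build on a
    listed branch; None = branch the advisory does not mention (unknown, not safe)."""
    v = parse_version(version)
    if v[:2] not in AFFECTED_BRANCHES:
        return None
    fixed = AFFECTED_BRANCHES[v[:2]]
    if fixed is None:
        return True
    # Tuple comparison handles differing lengths: (16, 1, 2) < (16, 1, 2, 2).
    return v < fixed

def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Label each host as affected, fixed or unknown for a patch-priority list."""
    labels = {True: "affected", False: "fixed", None: "unknown"}
    return {host: labels[is_affected(ver)] for host, ver in inventory.items()}

# Constructed sample inventory (hostnames and versions invented for illustration).
SAMPLE_INVENTORY = {
    "ltm-edge-01": "16.1.2.1",  # one build short of the fix -> affected
    "ltm-edge-02": "16.1.2.2",  # first fixed build -> fixed
    "ltm-dc-01": "12.1.3",      # whole 12.1.x branch affected
    "ltm-lab-01": "17.0.0",     # branch not in the advisory -> unknown
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```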

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 146 11 222 256 102 591