Security News > 2022 > August > VMware: Patch this critical vulnerability immediately! (CVE-2022-31656)
VMware has released fixes for ten vulnerabilities, including CVE-2022-31656, an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation, which the company considers critical and advises to patch or mitigate immediately.
CVE-2022-31656 is an authentication bypass vulnerability affecting local domain users on VMware Workspace ONE Access, Identity Manager and vRealize Automation, that may allow an attacker with network access to the UI to obtain administrative access without the need to authenticate first.
"Given the prevalence of attacks targeting VMware vulnerabilities and a forthcoming proof-of-concept, organizations need to make patching CVE-2022-31656 a priority," says Claire Tills, senior research engineer at Tenable.
She also noted that "Early reports indicate that CVE-2022-31656 is actually a variant or patch bypass of CVE-2022-22972 which was patched in [May 2022]."
Petrus Viet, the researcher who discovered CVE-2022-31656, has also reported CVE-2022-31659, a SQL injection flaw that can be exploited to trigger a remote code execution.
Along with the security advisory, VMware has also published a FAQ document that enterprise admins should consult to make sure they apply patches or workarounds correctly.
News URL
https://www.helpnetsecurity.com/2022/08/03/cve-2022-31656/
Related news
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor (source)
- GitLab warns of critical pipeline execution vulnerability (source)
- Exploit code released for critical Ivanti RCE flaw, patch now (source)
- Broadcom fixes critical RCE bug in VMware vCenter Server (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-31659 | SQL Injection vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. | 0.0 |
| 2022-08-05 | CVE-2022-31656 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |
| 2022-05-20 | CVE-2022-22972 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |