Vulnerabilities > CVE-2022-22972 - Unspecified vulnerability in VMWare products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
Vulnerable Configurations
Related news
- Researchers to release exploit for new VMware auth bypass, patch now (source)
- Exploit released for critical VMware auth bypass bug, patch now (source)
- VMware: Patch this critical vulnerability immediately! (CVE-2022-31656) (source)
- Researchers to release PoC exploit for critical Zoho RCE bug, patch now (source)
- Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now (source)
- Exploit released for critical ManageEngine RCE bug, patch now (source)
- Researchers to release VMware vRealize Log RCE exploit, patch now (source)
- Exploit released for critical VMware vRealize RCE vulnerability (source)