Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
670
VMScore

CVE-2022-22972

Published: 20/05/2022 Updated: 08/08/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 670
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Vmware

Vulnerability Summary

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vmware identity_manager 3.3.3

vmware identity_manager 3.3.4

vmware identity_manager 3.3.5

vmware identity_manager 3.3.6

vmware vrealize_automation 7.6

vmware workspace_one_access 20.10.0.0

vmware workspace_one_access 20.10.0.1

vmware workspace_one_access 21.08.0.0

vmware workspace_one_access 21.08.0.1

vmware cloud foundation 4.0

vmware cloud foundation 4.0.1

vmware vrealize suite lifecycle manager 8.0

vmware vrealize suite lifecycle manager 8.0.1

vmware vrealize suite lifecycle manager 8.1

vmware vrealize suite lifecycle manager 8.2

vmware cloud foundation 3.0

vmware cloud foundation 3.0.1

vmware cloud foundation 3.0.1.1

vmware cloud foundation 3.5

vmware cloud foundation 3.5.1

vmware cloud foundation 3.7

vmware cloud foundation 3.7.1

vmware cloud foundation 3.7.2

vmware cloud foundation 3.8

vmware cloud foundation 3.8.1

vmware cloud foundation 3.9

vmware cloud foundation 3.9.1

vmware cloud foundation 3.10

vmware cloud foundation 4.1

vmware cloud foundation 4.2.1

vmware cloud foundation 4.1.0.1

vmware cloud foundation 3.11

vmware cloud foundation 3.10.1

vmware cloud foundation 3.10.1.1

vmware cloud foundation 3.10.1.2

vmware cloud foundation 3.10.2.1

vmware cloud foundation 3.10.2.2

vmware cloud foundation 4.3.1

vmware cloud foundation 4.3

vmware cloud foundation 4.2

vmware cloud foundation 3.11.0.1

vmware vrealize suite lifecycle manager 8.8

vmware vrealize suite lifecycle manager 8.7

vmware vrealize suite lifecycle manager 8.6

vmware vrealize suite lifecycle manager 8.6.1

vmware vrealize suite lifecycle manager 8.6.2

vmware vrealize suite lifecycle manager 8.4.1

vmware vrealize suite lifecycle manager 8.4

vmware vrealize suite lifecycle manager 8.3

Vendor Advisories

VMware Security Advisories:
Sign up for Security Advisories Stay up to date on the latest VMware Security advisories and updates ...

Github Repositories

https://github.com/GRQForCloud/cloud-security-guides

Cloud Security Guides Cloud Security Guides 是由腾讯安全云鼎实验室维护的一个云计算安全知识库项目,用来收集云安全研究期间发现的优秀资源、文献、典型云安全漏洞以及知识图谱等,并以云参考模型架构为依托,将云上安全资源进行分类编排,为云上安全能力建设工作提供一份参考指南。Cl

https://github.com/horizon3ai/CVE-2022-22972

CVE-2022-22972 POC for CVE-2022-22972 affecting VMware Workspace ONE, vIDM, and vRealize Automation 76 Technical Analysis A technical root cause analysis of the vulnerability can be found on our blog: wwwhorizon3ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive Summary This script can be used by bypass authentication on vRealize Automa

https://github.com/Dghpi9/CVE-2022-22972

vmware authentication bypass

CVE-2022-22972 vmware authentication bypass -host string Auth Servers,(bugs365com) -url string Vul url,-url xxxcom -user string username (default "administrator")

https://github.com/43622283/cloud-security-guides

Cloud Security Guides Cloud Security Guides 是由腾讯安全云鼎实验室维护的一个云计算安全知识库项目,用来收集云安全研究期间发现的优秀资源、文献、典型云安全漏洞以及知识图谱等,并以云参考模型架构为依托,将云上安全资源进行分类编排,为云上安全能力建设工作提供一份参考指南。Cl

https://github.com/GRQForCloud/awesome-cloud-security

Cloud Security Guides Cloud Security Guides 是由腾讯安全云鼎实验室维护的一个云计算安全知识库项目,用来收集云安全研究期间发现的优秀资源、文献、典型云安全漏洞以及知识图谱等,并以云参考模型架构为依托,将云上安全资源进行分类编排,为云上安全能力建设工作提供一份参考指南。Cl

https://github.com/bengisugun/CVE-2022-22972-

IOC List

CVE-2022-22972-IOC List IP ADRESSES • 2336163250 • 64326143 • 21717549100 HASH • 6f17c8af555321cca16fe1695cc420eb9079fd187b8fa71d840f3cfd1f796117 • 040db8eacbd482c12ba03ab1a7c738be • 97ac734b671c815c43ea3287732046d2177e5bdad63e12315acc4902b8baa04d • 0504b67a506ab4b537725084eb6c26f4c1ceeb3349e7c84da8974bec7bde47e1 • 821f53ec249dea

Recent Articles

VMware patches critical 'make me admin' auth bypass bug, plus nine other flaws
The Register • Jessica Lyons Hardcastle • 01 Jan 1970

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Meanwhile, a security update for rsync What do you want on The Register?

VMware has fixed a critical authentication bypass vulnerability that hits 9.8 out of 10 on the CVSS severity scale and is present in multiple products. That flaw is tracked as CVE-2022-31656, and affects VMware's Workspace ONE Access, Identity Manager, and vRealize Automation. It was addressed along with nine other security holes in this patch batch, published Tuesday. Here's the bottom line of the '31656 bug, according to VMware: "A malicious actor with network access to the UI may be able to o...

Read more...
Patch your VMware gear now – or yank it out, Uncle Sam tells federal agencies
The Register • Simon Sharwood, APAC Editor • 01 Jan 1970

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources Critical authentication bypass revealed, older flaws under active attack

Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) has issued two warnings in a single day to VMware users, as it believes the virtualization giant's products can be exploited by miscreants to gain control of systems. The agency rates this threat as sufficiently serious to demand US government agencies pull the plug on their VMware products if patches can’t be applied. Of the two warnings, one highlights a critical authentication bypass vulnerability – CVE-2022-22972, rated ...

Read more...

References

NVD-CWE-noinfohttps://www.vmware.com/security/advisories/VMSA-2022-0014.htmlhttps://nvd.nist.govhttps://github.com/GRQForCloud/cloud-security-guideshttps://github.com/Dghpi9/CVE-2022-22972https://www.theregister.co.uk/2022/08/03/vmware_critical_authentication_bypass/https://www.vmware.com/security/advisories/VMSA-2022-0014.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook