VMware has addressed a critical authentication bypass security flaw, tracked as CVE-2022-31656, impacting local domain users in multiple products. An unauthenticated attacker can exploit the vulnerability to gain admin privileges.
“A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.” reads the advisory published by the virtualization giant.
The flaw impacts Workspace ONE Access, Identity Manager, and vRealize Automation products.
The flaw has been rated as critical and received a CVSS v3 base score of 9.8.
Organizations that cannot immediately address the flaw can use workarounds for this flaw which are detailed in the Knowledge Base articles.
The company acknowledged PetrusViet from VNG Security for reporting this flaw to them.
VMware also addressed these security flaws:
The above issues impact the following products:
“These vulnerabilities are authentication bypass, remote code execution, and privilege escalation vulnerabilities.” reads a post published by the company. “An authentication bypass means that an attacker with network access to Workspace ONE Access, VMware Identity Manager, and vRealize Automation can obtain administrator access. Remote code execution (RCE) means that an attacker can trick the components into executing commands that aren’t authorized. Privilege escalation means that an attacker with local access can become root on the virtual appliance. It is extremely important that you quickly take steps to patch or mitigate these issues in on-premises deployments.”
Follow me on Twitter: @securityaffairs and Facebook
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, virtualization)