Virtualization software maker VMware has issued security updates to address eight vulnerabilities, some of which can be used to launch remote code execution attacks.
VMWare Workspace One Access, VMware Identity Manager, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager all have vulnerabilities that can be exploited via CVE-2022-22954 to CVE-2022-22961.
All eight bugs have a severity rating of "Critical," "Important," and "Moderate." Steven Seeley of the Qihoo 360 Vulnerability Research Institute is credited with reporting all of the vulnerabilities.
These are some of the flaws I've found:
The CVE-2022-22954 (CVSS score: 9.8) CVE-2022-22955 and CVE-2022-22956 are remote code execution vulnerabilities in VMware Workspace ONE Access and Identity Manager (CVSS scores: 9.8) CVE-2022-22957 and CVE-2022-22958 are OAuth2 ACS authentication bypass vulnerabilities in VMware Workspace ONE Access (CVSS scores: 9.1) Workspace One Access, Identity Manager, and vRealize Automation all have JDBC injection remote code execution vulnerabilities.
The CVE-2022-22959 (CVSS score: 8.8) CVE-2022-22960: Vulnerability in VMware Workspace ONE Access, Identity Manager, and vRealize Automation due to cross-site request forgery (CVSS score: 7.8) CVE-2022-22961 is a local privilege escalation vulnerability in VMware Workspace ONE Access, Identity Manager, and vRealize Automation (CVSS score: 5.3) vulnerabilities in vRealize Automation/Identity Manager/Workspace ONE Access could lead to the disclosure of sensitive information
A malicious actor could gain root user privileges, gain access to the hostnames of the target systems, and remotely execute arbitrary code if they successfully exploited the aforementioned weaknesses.
An alert from VMware stated, "This critical vulnerability should be patched or mitigated immediately." "The consequences of this weakness are dire."
The virtualization services provider stated that it has not seen any evidence of the vulnerabilities being exploited in the wild, but applying the patches is highly recommended in order to remove possible threats..
While convenient, workarounds do not remove vulnerabilities and may introduce additional complexities that patching would not, the company cautions.
Post a Comment
Your suggestions and comments are welcome