VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.
{"threatpost": [{"lastseen": "2022-08-11T18:59:39", "description": "VMware and experts alike are urging users to patch multiple products affected by a critical authentication bypass vulnerability that can allow an attacker to gain administrative access to a system as well as exploit other flaws.\n\nThe bug\u2014tracked as [CVE-2022-31656](<https://tenable.com/cve/CVE-2022-31656>)\u2014earned a rating of 9.8 on the CVSS and is one of a number of fixes the company made in various products [in an update](<https://www.vmware.com/security/advisories/VMSA-2022-0021.html>) released on Tuesday for flaws that could easily become an exploit chain, researchers said.\n\nCVE-2022-31656 is also certainly the most dangerous of these vulnerabilities, and likely will become more so as the researcher who discovered it\u2013[Petrus Viet](<https://twitter.com/VietPetrus>) of VNG Security\u2013has promised [in a tweet](<https://twitter.com/VietPetrus/status/1554485970514608128>) that a proof-of-concept exploit for the bug is \u201csoon to follow,\u201d experts said.\n\nThis adds urgency to the need for organizations affected by the flaw to patch now, researchers said.\n\n\u201cGiven the prevalence of attacks targeting VMware vulnerabilities and a forthcoming proof-of-concept, organizations need to make patching CVE-2022-31656 a priority,\u201d [Claire Tills](<https://www.tenable.com/profile/claire-tills>), senior research engineer with Tenable\u2019s Security Response Team, said in an email to Threatpost. 
\u201cAs an authentication bypass, exploitation of this flaw opens up the possibility that attackers could create very troubling exploit chains.\u201d\n\n## **Potential for Attack Chain**\n\nSpecifically, CVE-2022-31656 is an authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation.\n\nThe bug affects local domain users and requires that a remote attacker have network access to a vulnerable user interface, according to [a blog post](<https://www.tenable.com/blog/cve-2022-31656-vmware-patches-several-vulnerabilities-in-multiple-products-vmsa-2022-0021>) by Tills published Tuesday. Once an attacker achieves this, he or she can use the flaw to bypass authentication and gain administrative access, she said.\n\nMoreover, the vulnerability is the gateway to exploiting other remote code execution (RCE) flaws addressed by VMware\u2019s release this week\u2014[CVE-2022-31658](<https://www.tenable.com/cve/CVE-2022-31658>) and [CVE-2022-31659](<https://www.tenable.com/cve/CVE-2022-31659>)\u2014to form an attack chain, Tills observed.\n\nCVE-2022-31658 is a JDBC injection RCE vulnerability that affects VMware Workspace ONE Access, Identity Manager and vRealize Automation and has earned an \u201cimportant\u201d score on the CVSS\u20148.0. The flaw allows a malicious actor with administrator and network access to trigger RCE.\n\nCVE-2022-31659 is an SQL injection RCE vulnerability that affects VMware Workspace ONE Access and Identity Manager and also earned a rating of 8.0 with a similar attack vector to CVE-2022-31658. 
Viet is credited with discovering both of these flaws.\n\nThe other bugs patched in the update include another RCE bug (CVE-2022-31665) rated as important; two privilege escalation vulnerabilities (CVE-2022-31660 and CVE-2022-31661) rated as important; a local privilege escalation vulnerability (CVE-2022-31664) rated as important; a URL injection vulnerability (CVE-2022-31657) rated as moderate; and a path traversal vulnerability (CVE-2022-31662) rated as moderate.\n\n## **Patch Early, Patch Everything**\n\nVMware is no stranger to having to rush out patches for critical bugs found in its products, and has suffered its share of security woes due to the ubiquity of its platform across enterprise networks.\n\nIn late June, for example, federal agencies warned of [attackers pummeling](<https://threatpost.com/log4shell-targeted-vmware-data/180072/>) VMware Horizon and Unified Access Gateway (UAG) servers to exploit the now-infamous [Log4Shell](<https://threatpost.com/zero-day-in-ubiquitous-apache-log4j-tool-under-active-attack/176937/>) RCE vulnerability, an [easy-to-exploit flaw](<https://threatpost.com/apache-log4j-log4shell-mutations/176962/>) discovered in the Apache logging library Log4J late last year and [continuously targeted](<https://threatpost.com/vmware-bugs-abused-mirai-log4shell/179652/>) on VMware and other platforms since then.\n\nIndeed, sometimes even patching has still not been enough for VMware, with attackers targeting existing flaws after the company does its due diligence to release a fix.\n\nThis scenario occurred in December 2020, when [the feds warned](<https://threatpost.com/nsa-vmware-bug-under-attack/161985/>) that adversaries were actively exploiting a weeks-old bug in Workspace One Access and Identity Manager products three days after the vendor patched the vulnerability.\n\nThough all signs point to the urgency of patching the latest threat to VMware\u2019s platform, it\u2019s highly likely that even if the advice is heeded, the 
danger will persist for the foreseeable future, observed one security professional.\n\nThough enterprises tend to initially move quickly to patch the most imminent threats to their network, they often miss other places attackers can exploit a flaw, observed Greg Fitzgerald, co-founder of Sevco Security, in an email to Threatpost. This is what leads to persistent and ongoing attacks, he said.\n\n\u201cThe most significant risk for enterprises isn\u2019t the speed at which they are applying critical patches; it comes from not applying the patches on every asset,\u201d Fitzgerald said. \u201cThe simple fact is that most organizations fail to maintain an up-to-date and accurate IT asset inventory, and the most fastidious approach to patch management cannot ensure that all enterprise assets are accounted for.\u201d\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-03T15:23:16", "type": "threatpost", "title": "VMWare Urges Users to Patch Critical Authentication Bypass Bug", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-31656", "CVE-2022-31657", "CVE-2022-31658", "CVE-2022-31659", "CVE-2022-31660", "CVE-2022-31661", "CVE-2022-31662", "CVE-2022-31664", "CVE-2022-31665"], "modified": "2022-08-03T15:23:16", "id": "THREATPOST:556939F8D58337486DFBC3B2A820DE47", "href": "https://threatpost.com/vmware-patch-critical-bug/180346/", "cvss": {"score": 0.0, "vector": "NONE"}}], "thn": [{"lastseen": "2022-08-03T09:59:40", "description": 
"Virtualization services provider VMware on Tuesday shipped updates to [address 10 security flaws](<https://www.vmware.com/security/advisories/VMSA-2022-0021.html>) affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions.\n\nThe issues, tracked from CVE-2022-31656 through CVE-2022-31665 (CVSS scores: 4.7 - 9.8), impact VMware Workspace ONE Access, Workspace ONE Access Connector, Identity Manager, Identity Manager Connector, vRealize Automation, Cloud Foundation, and vRealize Suite Lifecycle Manager.\n\nThe most severe of the flaws is CVE-2022-31656 (CVSS score: 9.8), an authentication bypass vulnerability affecting local domain users that could be leveraged by a bad actor with network access to obtain administrative rights.\n\nAlso resolved by VMware are three remote code execution vulnerabilities (CVE-2022-31658, CVE-2022-31659, and CVE-2022-31665) related to JDBC and SQL injection that could be weaponized by an adversary with administrator and network access.\n\nElsewhere, it has also remediated a reflected cross-site scripting (XSS) vulnerability (CVE-2022-31663) that it said is a result of improper user sanitization, which could lead to the activation of malicious JavaScript code.\n\nRounding off the patches are three local privilege escalation bugs (CVE-2022-31660, CVE-2022-31661, and CVE-2022-31664) that permit an actor with local access to escalate privileges to 
\"root,\" a URL injection vulnerability (CVE-2022-31657), and a path traversal bug (CVE-2022-31662).\n\nWhile successful exploitation of CVE-2022-31657 makes it possible to redirect an authenticated user to an arbitrary domain, CVE-2022-31662 could equip an attacker to read files in an unauthorized manner.\n\nVMware said it's not aware of the exploitation of these vulnerabilities in the wild, but urged customers using the vulnerable products to [apply the patches immediately](<https://core.vmware.com/vmsa-2022-0021-questions-answers-faq>) to mitigate potential threats.\n", "cvss3": {}, "published": "2022-08-03T04:49:00", "type": "thn", "title": "VMware Releases Patches for Several New Flaws Affecting Multiple Products", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-31656", "CVE-2022-31657", "CVE-2022-31658", "CVE-2022-31659", "CVE-2022-31660", "CVE-2022-31661", "CVE-2022-31662", "CVE-2022-31663", "CVE-2022-31664", "CVE-2022-31665"], "modified": "2022-08-03T08:25:40", "id": "THN:97305EC3B8A0058F1A01ECB0B12FBD3E", "href": "https://thehackernews.com/2022/08/vmware-releases-patches-for-several-new.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2023-05-17T16:33:12", "description": "The VMware Workspace One Access (formerly VMware Identity Manager) application running on the remote host is affected by the following vulnerabilities:\n\n - An authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. (CVE-2022-31656)\n\n - A remote code execution vulnerability. 
A malicious actor with administrator and network access can trigger a remote code execution. (CVE-2022-31658)\n\n - A remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. (CVE-2022-31659)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-31656", "CVE-2022-31657", "CVE-2022-31658", "CVE-2022-31659", "CVE-2022-31660", "CVE-2022-31661", "CVE-2022-31662", "CVE-2022-31663", "CVE-2022-31664", "CVE-2022-31665"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:vmware:identity_manager", "cpe:/a:vmware:workspace_one_access"], "id": "VMWARE_WORKSPACE_ONE_ACCESS_VMSA-2022-0021.NASL", "href": "https://www.tenable.com/plugins/nessus/163939", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163939);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2022-31656\",\n \"CVE-2022-31657\",\n \"CVE-2022-31658\",\n \"CVE-2022-31659\",\n \"CVE-2022-31660\",\n \"CVE-2022-31661\",\n \"CVE-2022-31662\",\n \"CVE-2022-31663\",\n \"CVE-2022-31664\",\n \"CVE-2022-31665\"\n );\n script_xref(name:\"VMSA\", value:\"2022-0021\");\n script_xref(name:\"IAVA\", value:\"2022-A-0303\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2022-0027\");\n\n script_name(english:\"VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0021)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An identity store broker application running on the remote host is affected by multiple vulnerabilities.\");\n 
script_set_attribute(attribute:\"description\", value:\n\"The VMware Workspace One Access (formerly VMware Identity Manager) application running on the remote host is affected\nby the following vulnerabilities:\n\n - An authentication bypass vulnerability affecting local domain users. A malicious actor with network access\n to the UI may be able to obtain administrative access without the need to authenticate. (CVE-2022-31656)\n\n - A remote code execution vulnerability. A malicious actor with administrator and network access can trigger\n a remote code execution. (CVE-2022-31658)\n\n - A remote code execution vulnerability. A malicious actor with administrator and network access can trigger\n a remote code execution. (CVE-2022-31659)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2022-0021.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://core.vmware.com/vmsa-2022-0021-questions-answers-faq\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.vmware.com/s/article/89096\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the HW-160130 hotfix to VMware Workspace One Access / VMware Identity Manager as per the VMSA-2022-0021 advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-31656\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'VMware Workspace ONE 
Access CVE-2022-31660');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:vmware:identity_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:vmware:workspace_one_access\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"vmware_workspace_one_access_web_detect.nbin\", \"vmware_workspace_one_access_installed.nbin\");\n script_require_keys(\"installed_sw/VMware Workspace ONE Access\");\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app = 'VMware Workspace ONE Access';\n\nvar app_info = vcf::vmware_workspace_one_access::get_app_info(combined:TRUE);\n\n# 3.3.[3456] don't have fixed builds, so audit out unless we are doing a paranoid scan\n# Remote detection does not pull hotfixes. Require paranoia\nif ((app_info.webapp || app_info.version =~ \"3\\.3\\.[3456]\\.\") && report_paranoia < 2)\n audit(AUDIT_POTENTIAL_VULN, app, app_info.version);\n\nvar patch = '160130';\n\nvar constraints = [\n { 'min_version':'3.3.4.0.0', 'fixed_version':'3.3.7.0.0', 'fixed_display':'Refer to vendor advisory and apply patch HW-160130.' 
},\n\n { 'min_version':'19.03.0.1', 'max_version':'19.03.0.1.99999999', 'fixed_display':'19.03.0.1 with HW-160130' },\n \n { 'min_version':'21.08.0.0.0', 'max_version':'21.08.0.0.99999999', 'fixed_display':'21.08.0.0 with HW-160130' },\n { 'min_version':'21.08.0.1', 'max_version':'21.08.0.1.99999999', 'fixed_display':'21.08.0.1 with HW-160130' }\n];\n\nvcf::vmware_workspace_one_access::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, expected_patch:patch);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "vmware": [{"lastseen": "2023-06-03T15:24:28", "description": "3a. Authentication Bypass Vulnerability (CVE-2022-31656) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. \n\n3b. JDBC Injection Remote Code Execution Vulnerability (CVE-2022-31658) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.0. \n\n3c. SQL injection Remote Code Execution Vulnerability (CVE-2022-31659) \n\nVMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.0. \n\n3d. Local Privilege Escalation Vulnerability (CVE-2022-31660, CVE-2022-31661) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. VMware has evaluated the severity of these issues to be in the Important severity range with a maximum CVSSv3 base score of 7.8. \n\n3e. 
Local Privilege Escalation Vulnerability (CVE-2022-31664) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8. \n\n3f. JDBC Injection Remote Code Execution Vulnerability (CVE-2022-31665) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.6. \n\n3g. URL Injection Vulnerability (CVE-2022-31657) \n\nVMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9. \n\n3h. Path traversal vulnerability (CVE-2022-31662) \n\nVMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3. \n\n3i. Cross-site scripting (XSS) vulnerability (CVE-2022-31663) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. 
VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.7.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-02T00:00:00", "type": "vmware", "title": "VMware Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector and vRealize Automation updates address multiple vulnerabilities.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-31656", "CVE-2022-31657", "CVE-2022-31658", "CVE-2022-31659", "CVE-2022-31660", "CVE-2022-31661", "CVE-2022-31662", "CVE-2022-31663", "CVE-2022-31664", "CVE-2022-31665"], "modified": "2022-08-09T00:00:00", "id": "VMSA-2022-0021.1", "href": "https://www.vmware.com/security/advisories/VMSA-2022-0021.1.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-12T17:12:24", "description": "3a. Authentication Bypass Vulnerability (CVE-2022-31656) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. 
VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. \n\n3b. JDBC Injection Remote Code Execution Vulnerability (CVE-2022-31658) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.0. \n\n3c. SQL injection Remote Code Execution Vulnerability (CVE-2022-31659) \n\nVMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.0. \n\n3d. Local Privilege Escalation Vulnerability (CVE-2022-31660, CVE-2022-31661) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. VMware has evaluated the severity of these issues to be in the Important severity range with a maximum CVSSv3 base score of 7.8. \n\n3e. Local Privilege Escalation Vulnerability (CVE-2022-31664) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8. \n\n3f. JDBC Injection Remote Code Execution Vulnerability (CVE-2022-31665) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.6. \n\n3g. URL Injection Vulnerability (CVE-2022-31657) \n\nVMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.9. 
\n\n3h. Path traversal vulnerability (CVE-2022-31662) \n\nVMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3. \n\n3i. Cross-site scripting (XSS) vulnerability (CVE-2022-31663) \n\nVMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.7.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-02T00:00:00", "type": "vmware", "title": "VMware Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector and vRealize Automation updates address multiple vulnerabilities.", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-31656", "CVE-2022-31657", "CVE-2022-31658", "CVE-2022-31659", "CVE-2022-31660", "CVE-2022-31661", "CVE-2022-31662", "CVE-2022-31663", "CVE-2022-31664", "CVE-2022-31665"], "modified": "2022-08-02T00:00:00", "id": "VMSA-2022-0021", "href": "https://www.vmware.com/security/advisories/VMSA-2022-0021.html", "cvss": {"score": 0.0, "vector": "NONE"}}]}
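The Nessus plugin above decides exposure to VMSA-2022-0021 by version range plus presence of the HW-160130 hotfix, and the Threatpost piece notes that the usual failure is not patch speed but missing assets. The following is an added example (not Tenable's plugin and not VMware's code) that reimplements that same gate in Python so it can be run offline over an asset inventory: the version ranges are transcribed from the plugin's `constraints` list, the hotfix name from the advisory, and the inventory records are constructed sample data. Note the plugin's own caveat that remote detection cannot see hotfixes, so a "patched" verdict needs hotfix data from a credentialed or local source.

```python
"""Offline version/hotfix gate for VMSA-2022-0021 (Workspace ONE Access / vIDM).

Added example, not Tenable's plugin code. Ranges are transcribed from the
plugin's `constraints` list; HW-160130 is the hotfix named in the advisory.
"""
from dataclasses import dataclass
from typing import Iterable, List, Tuple

HOTFIX = "HW-160130"


@dataclass(frozen=True)
class AffectedRange:
    low: str              # inclusive lower bound
    high: str             # upper bound; exclusive when it is a 'fixed_version'
    high_exclusive: bool


# Transcribed from the plugin's constraints (3.3.x uses a fixed_version bound,
# the 19.03 / 21.08 lines use an inclusive max_version build ceiling).
AFFECTED = [
    AffectedRange("3.3.4.0.0", "3.3.7.0.0", True),
    AffectedRange("19.03.0.1", "19.03.0.1.99999999", False),
    AffectedRange("21.08.0.0.0", "21.08.0.0.99999999", False),
    AffectedRange("21.08.0.1", "21.08.0.1.99999999", False),
]


def parse_version(v: str, width: int = 6) -> Tuple[int, ...]:
    """Turn '21.08.0.1.12345' into a zero-padded int tuple so tuples compare
    correctly even when the build component is absent."""
    parts = [int(p) for p in v.strip().split(".")]
    if len(parts) > width:
        raise ValueError(f"version has more than {width} components: {v}")
    return tuple(parts + [0] * (width - len(parts)))


def in_range(version: str, r: AffectedRange) -> bool:
    v, lo, hi = parse_version(version), parse_version(r.low), parse_version(r.high)
    if v < lo:
        return False
    return v < hi if r.high_exclusive else v <= hi


def assess(version: str, hotfixes: Iterable[str]) -> str:
    """'vulnerable' / 'patched' for versions inside a checked range,
    'not-flagged' for anything the plugin's constraints do not cover."""
    if not any(in_range(version, r) for r in AFFECTED):
        return "not-flagged"
    return "patched" if HOTFIX in set(hotfixes) else "vulnerable"


def triage(inventory: List[dict]) -> List[str]:
    """Return hostnames that still need HW-160130, sorted for a ticket."""
    return sorted(h["host"] for h in inventory
                  if assess(h["version"], h.get("hotfixes", ())) == "vulnerable")


# Constructed sample inventory (hypothetical hosts, versions and hotfix lists).
SAMPLE_INVENTORY = [
    {"host": "idm-prod-01", "version": "21.08.0.1.19000", "hotfixes": ["HW-160130"]},
    {"host": "idm-prod-02", "version": "21.08.0.1.19000", "hotfixes": []},
    {"host": "idm-lab-01",  "version": "3.3.6.0.0"},
    {"host": "idm-new-01",  "version": "22.09.1.0.0"},
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"{host}: missing {HOTFIX}")
```

The "not-flagged" verdict deliberately mirrors the plugin rather than the advisory: the plugin's lower bound is 3.3.4.0.0 and it audits out 3.3.3 through 3.3.6 on non-paranoid scans, so a result of "not-flagged" means "this script's ranges do not cover it", not "safe"; confirm such versions against the advisory's affected-version table directly.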