Lucene search
VmwareCVELIST:CVE-2022-22956HistoryApr 13, 2022 - 12:00 a.m.
CVE-2022-22956
2022-04-1300:00:00
vmware
www.cve.org
6
vmware workspace one access
authentication bypass
oauth2 acs framework
malicious actor
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework.
CNA Affected
[
{
"vendor": "n/a",
"product": "VMware Workspace ONE Access",
"versions": [
{
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0.",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2022-22955
2022-04-13 17:05:58
cve
cve
CVE-2022-22955
2022-04-13 18:15:12
CVE-2022-22956
2022-04-13 18:15:12
nvd
nvd
CVE-2022-22956
2022-04-13 18:15:12
CVE-2022-22955
2022-04-13 18:15:12
prion
prion
Authentication flaw
2022-04-13 18:15:00
Authentication flaw
2022-04-13 18:15:00
srcincite
srcincite
thn
thn
nessus
nessus
vmware
vmware
packetstorm
packetstorm
Mware Workspace ONE Remote Code Execution
2023-04-18 00:00:00
metasploit
metasploit
VMware Workspace ONE Access VMSA-2022-0011 exploit chain
2023-04-06 03:10:34
zdt
zdt
VMware Workspace ONE Remote Code Execution Exploit
2023-04-18 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-04-21 18:02:40
hivepro
hivepro
Weekly Threat Digest: 11 – 17 April 2022
2022-04-21 04:59:07