logo
DATABASE RESOURCES PRICING ABOUT US

VMware Workspace One Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0021)

Description

The VMware Workspace One Access (formerly VMware Identity Manager) application running on the remote host is affected by the following vulnerabilities: - An authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. (CVE-2022-31656) - A remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. (CVE-2022-31658) - A remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution. (CVE-2022-31659) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version.


Related