VMware discloses new authentication bypass vulnerability

This page was created programmatically, to read the article in its original location you can go to the link bellow:
https://www.cybersecuritydive.com/news/vmware-vulnerability-authentication/628721/
and if you want to remove this article from our site please contact us


This audio is auto-generated. Please let us know if you have feedback.

Dive Brief:

  • VMware disclosed yet another critical vulnerability that threat actors could exploit to bypass authentication in the same products that carried a similar defect in May with equal potential for severe damage.
  • The latest vulnerability, CVE-2022-31656, impacts VMware Workspace ONE Access, Identity Manager and vRealize Automation, according to an initial security advisory issued Tuesday by VMware. This is the second authentication bypass vulnerability to hit these products in less than three months.
  • VMware issued patches for three impacted products and rated the vulnerability in the critical severity range with a 9.8 score on the common vulnerability scoring system, bearing another similarity to the previous bug.

Dive Insight:

Critical vulnerabilities are a recurring problem for VMware customers. The previously disclosed vulnerability, CVE-2022-22972, earned the same critical severity score of 9.8 and elicited an emergency directive from the Cybersecurity and Infrastructure Security Agency in May.

A malicious actor with network access to the user interface on the VMware products could potentially gain administrative access and bypass authentication, the company said.

VMware, in a supplemental blog post, warned all customers using the impacted products could be at risk. The company advised customers to deploy patches immediately, and discouraged relying on workarounds.

The virtualization leader, which provides software widely used in enterprise and government infrastructure, also disclosed nine additional vulnerabilities on Tuesday, including six in the important severity range and three in the moderate severity range. The most serious of those could be exploited by threat actors to trigger a remote code execution when paired with CVE-2022-31656.

“As an authentication bypass, exploitation of this flaw opens up the possibility that attackers could create very troubling exploit chains,” Claire Tills, senior research engineer at Tenable, wrote in a blog post.

VMware said it is not aware of any exploitation of the vulnerabilities in the wild.


This page was created programmatically, to read the article in its original location you can go to the link bellow:
https://www.cybersecuritydive.com/news/vmware-vulnerability-authentication/628721/
and if you want to remove this article from our site please contact us

Matt Kapko

Leave a Reply

You have to agree to the comment policy.

one × four =