VMware Releases Critical Patches for New Vulnerabilities Affecting Multiple Products

VMware has released security updates to patch eight
vulnerabilities spanning its products, some of which could be
exploited to launch remote code execution attacks.

Tracked from CVE-2022-22954 to CVE-2022-22961[1] (CVSS scores: 5.3 –
9.8), the issues impact VMware Workspace ONE Access, VMware
Identity Manager, VMware vRealize Automation, VMware Cloud
Foundation, and vRealize Suite Lifecycle Manager.

Five of the eight bugs are rated Critical, two are rated
Important, and one is rated Moderate in severity. Credited with
reporting all the vulnerabilities is Steven Seeley of Qihoo 360
Vulnerability Research Institute.

The list of flaws is below –

  • CVE-2022-22954 (CVSS score: 9.8) – Server-side
    template injection remote code execution vulnerability affecting
    VMware Workspace ONE Access and Identity Manager
  • CVE-2022-22955 & CVE-2022-22956 (CVSS scores:
    9.8) – OAuth2 ACS authentication bypass vulnerabilities in VMware
    Workspace ONE Access
  • CVE-2022-22957 & CVE-2022-22958 (CVSS scores:
    9.1) – JDBC injection remote code execution vulnerabilities in
    VMware Workspace ONE Access, Identity Manager, and vRealize
    Automation
  • CVE-2022-22959 (CVSS score: 8.8) – Cross-site
    request forgery (CSRF) vulnerability in VMware Workspace ONE
    Access, Identity Manager, and vRealize Automation
  • CVE-2022-22960 (CVSS score: 7.8) – Local
    privilege escalation vulnerability in VMware Workspace ONE Access,
    Identity Manager, and vRealize Automation
  • CVE-2022-22961 (CVSS score: 5.3) – Information
    disclosure vulnerability impacting VMware Workspace ONE Access,
    Identity Manager and vRealize Automation

Successful exploitation of the aforementioned weaknesses could
allow a malicious actor to escalate privileges to root user, gain
access to the hostnames of the target systems, and remotely execute
arbitrary code, effectively allowing full takeover.

“This critical vulnerability should be patched or mitigated
immediately,” VMware said[2]
in an alert. “The ramifications of this vulnerability are
serious.”

While the virtualization services provider noted that it has not
seen any evidence that the vulnerabilities have been exploited in
the wild, it’s highly recommended to apply the patches to remove
potential threats.

“Workarounds, while convenient, do not remove the
vulnerabilities, and may introduce additional complexities that
patching would not,” the company cautioned.

References

  1. CVE-2022-22954 to CVE-2022-22961 (www.vmware.com)
  2. said (core.vmware.com)
