Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

  • Published: May 20, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-22972
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
vmware / identity_manager 3.3.3 3.3.3.x
vmware / identity_manager 3.3.4 3.3.4.x
vmware / identity_manager 3.3.5 3.3.5.x
vmware / identity_manager 3.3.6 3.3.6.x
vmware / vrealize_automation 7.6 7.6.x
vmware / workspace_one_access 20.10.0.0 20.10.0.0.x
vmware / workspace_one_access 20.10.0.1 20.10.0.1.x
vmware / workspace_one_access 21.08.0.0 21.08.0.0.x
vmware / workspace_one_access 21.08.0.1 21.08.0.1.x
vmware / cloud_foundation 4.0 4.0.x
vmware / cloud_foundation 4.0.1 4.0.1.x
vmware / vrealize_suite_lifecycle_manager 8.0 8.0.x
vmware / vrealize_suite_lifecycle_manager 8.0.1 8.0.1.x
vmware / vrealize_suite_lifecycle_manager 8.1 8.1.x
vmware / vrealize_suite_lifecycle_manager 8.2 8.2.x
vmware / cloud_foundation 3.0 3.0.x
vmware / cloud_foundation 3.0.1 3.0.1.x
vmware / cloud_foundation 3.0.1.1 3.0.1.1.x
vmware / cloud_foundation 3.5 3.5.x
vmware / cloud_foundation 3.5.1 3.5.1.x
vmware / cloud_foundation 3.7 3.7.x
vmware / cloud_foundation 3.7.1 3.7.1.x
vmware / cloud_foundation 3.7.2 3.7.2.x
vmware / cloud_foundation 3.8 3.8.x
vmware / cloud_foundation 3.8.1 3.8.1.x
vmware / cloud_foundation 3.9 3.9.x
vmware / cloud_foundation 3.9.1 3.9.1.x
vmware / cloud_foundation 3.10 3.10.x
vmware / cloud_foundation 4.1 4.1.x
vmware / cloud_foundation 4.2.1 4.2.1.x
vmware / cloud_foundation 4.1.0.1 4.1.0.1.x
vmware / cloud_foundation 3.11 3.11.x
vmware / cloud_foundation 3.10.1 3.10.1.x
vmware / cloud_foundation 3.10.1.1 3.10.1.1.x
vmware / cloud_foundation 3.10.1.2 3.10.1.2.x
vmware / cloud_foundation 3.10.2.1 3.10.2.1.x
vmware / cloud_foundation 3.10.2.2 3.10.2.2.x
vmware / cloud_foundation 4.3.1 4.3.1.x
vmware / cloud_foundation 4.3 4.3.x
vmware / cloud_foundation 4.2 4.2.x
vmware / cloud_foundation 3.11.0.1 3.11.0.1.x
vmware / vrealize_suite_lifecycle_manager 8.8 8.8.x
vmware / vrealize_suite_lifecycle_manager 8.7 8.7.x
vmware / vrealize_suite_lifecycle_manager 8.6-patch1 8.6-patch1.x
vmware / vrealize_suite_lifecycle_manager 8.6.1 8.6.1.x
vmware / vrealize_suite_lifecycle_manager 8.6.2 8.6.2.x
vmware / vrealize_suite_lifecycle_manager 8.6 8.6.x
vmware / vrealize_suite_lifecycle_manager 8.4.1-patch1 8.4.1-patch1.x
vmware / vrealize_suite_lifecycle_manager 8.4.1-patch2 8.4.1-patch2.x
vmware / vrealize_suite_lifecycle_manager 8.4.1-patch3 8.4.1-patch3.x
vmware / vrealize_suite_lifecycle_manager 8.4-patch1 8.4-patch1.x
vmware / vrealize_suite_lifecycle_manager 8.4.1 8.4.1.x
vmware / vrealize_suite_lifecycle_manager 8.4 8.4.x
vmware / vrealize_suite_lifecycle_manager 8.3-patch1 8.3-patch1.x
vmware / vrealize_suite_lifecycle_manager 8.3-patch2 8.3-patch2.x
vmware / vrealize_suite_lifecycle_manager 8.3-patch3 8.3-patch3.x
vmware / vrealize_suite_lifecycle_manager 8.3 8.3.x
vmware / vrealize_suite_lifecycle_manager 8.2-patch1 8.2-patch1.x
vmware / vrealize_suite_lifecycle_manager 8.2-patch2 8.2-patch2.x
vmware / vrealize_suite_lifecycle_manager 8.2-patch3 8.2-patch3.x