CVE-2022-22972
published 2022-05-20CVE-2022-22972: VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
Affected
49 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
| vmware | cloud_foundation | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL