CVE-2022-31700

4 documents4 sources

Severity

7.2HIGH

EPSS

2.4%

top 14.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Access Vmware Identity Manager

Timeline

PublishedDec 14

Description

VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

▶NVDvmware/identity_manager3.3.6

▶NVDvmware/access21.08.0.0, 21.08.0.1+1

🔴Vulnerability Details

GHSA

GHSA-5cxh-9g8r-jph6: VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability↗2022-12-14

▶

CVEList

CVE-2022-31700: VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability↗2022-12-14

▶

📋Vendor Advisories

VMware

VMware Workspace ONE Access and Identity Manager updates address multiple vulnerabilities (CVE-2022-31700, CVE-2022-31701).↗2022-12-13

▶