7th October 2022

2 Vulnerabilities in VMware – CVE-2022-22972,CVE-2022-22973

Various level 2 security vulnerabilities have been published by VMware related to various products. In case of exploitation of these vulnerabilities, obtaining administrative authority with authentication bypass, etc. situations that may result.

Affected Systems

  • VMware Workspace ONE Access (Access)
  • VMware Identity Manager (vIDM)
  • VMware vRealize Automation (vRA)
  • VMware Cloud Foundation
  • vRealize Suite Lifecycle Manager

Solution and CVE/CWE

CVE/CWE: CVE-2022-22972, CVE-2022-22973

It is recommended by VMware to apply the solution suggestions specified in the link below.

https://www.vmware.com/security/advisories/VMSA-2022-0014.html

Note: Those with CVSS 3.1 scores of 7.0-8.9 (out of 10) are considered “high”, and those with 9.0-10.0 are considered “critical”.

Reference:

https://www.vmware.com/security/advisories/VMSA-2022-0014.html

 

LEARN MORE  Windows User Account Control and Settings by Security

Leave a Reply

Your email address will not be published. Required fields are marked *