Various level 2 security vulnerabilities have been published by VMware related to various products. In case of exploitation of these vulnerabilities, obtaining administrative authority with authentication bypass, etc. situations that may result.
- VMware Workspace ONE Access (Access)
- VMware Identity Manager (vIDM)
- VMware vRealize Automation (vRA)
- VMware Cloud Foundation
- vRealize Suite Lifecycle Manager
Solution and CVE/CWE
CVE/CWE: CVE-2022-22972, CVE-2022-22973
It is recommended by VMware to apply the solution suggestions specified in the link below.
Note: Those with CVSS 3.1 scores of 7.0-8.9 (out of 10) are considered “high”, and those with 9.0-10.0 are considered “critical”.