CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

Link	Resource
https://www.vmware.com/security/advisories/VMSA-2022-0014.html	Vendor Advisory

Configuration 1

cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.11:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.10.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.10.1.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.10.1.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.10.2.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.10.2.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:4.3.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:4.3:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:4.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:cloud_foundation:3.11.0.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.8:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.7:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6:patch1:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6.2:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch1:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch2:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch3:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4:patch1:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch1:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch2:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch3:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:*:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch1:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch2:*:*:*:*:*:* cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch3:*:*:*:*:*:*

---

Published : 2022-05-20 09:15

Updated : 2022-05-27 05:48

---

NVD link : CVE-2022-22972

Mitre link : CVE-2022-22972

No products.

CWE-287