CVE-2022-31656

Summary

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Workspace ONE Access, Identity Manager and vRealize AutomationWorkspace One Access (21.08.0.1 & 21.08.0.0), Identity Manager (vIDM) (3.3.6, 3.3.5 & 3.3.4), and vRealize Automation 7.6affected

Weaknesses

  • Authentication Bypass Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References