CVE-2022-22972
Published: 20 May 2022
Summary
CVE-2022-22972 is a critical-severity authentication bypass in VMware Workspace ONE Access, Identity Manager and vRealize Automation, components that also ship as part of VMware Cloud Foundation; the weakness type is unspecified (no CWE assigned). Its CVSS 3.1 base score is 9.8 (Critical).
Operationally, its EPSS score ranks it in the top 0.1% of CVEs by exploit likelihood, although it is not currently listed in the CISA KEV catalog.
Deeper analysis
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. An attacker with network access to the product's user-interface endpoints can exploit it without supplying valid credentials and obtain administrative access to the instance. No user interaction and no prior privileges are required, and the outcome is full administrative control, which is what the CVSS 3.1 base score of 9.8 reflects: network-reachable, low attack complexity, no privileges, no user interaction, scope unchanged, and high confidentiality, integrity and availability impact.
VMware published advisory VMSA-2022-0014 to address the issue. The EPSS score for this CVE has remained consistently high, with a current value of 0.9368 and a recorded peak of 0.9376.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-28088
Vulnerability details
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
- CWE(s): none assigned (the weakness type is unspecified)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
- VMware Workspace ONE Access
- VMware Identity Manager
- VMware vRealize Automation
- VMware Cloud Foundation
Mitigating Controls
No mitigating controls are mapped for this CVE yet; the vendor fix is the patch set published in VMSA-2022-0014.