CVE-2022-31656

CRITICAL EXPLOITED NUCLEI

VMware Workspace ONE Access, Identity Manager, and vRealize Automation - Unauthenticated Authentication Bypass

Title source: llm

Exploitation Summary

CVE-2022-31656 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

Nuclei Templates (1)

VMware - Local File Inclusion

CRITICALVERIFIEDby DhiyaneshDk

Shodan: http.favicon.hash:-1250474341

FOFA: icon_hash=-1250474341 || app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize"

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://www.vmware.com/security/advisories/VMSA-2022-0021.html

Scores

CVSS v3 9.8

EPSS 0.1843

EPSS Percentile 96.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-11-13

Status published

Products (12)

vmware/access_connector 21.08.0.0

vmware/access_connector 21.08.0.1

vmware/access_connector 22.05

vmware/identity_manager 3.3.4

vmware/identity_manager 3.3.5

vmware/identity_manager 3.3.6

vmware/identity_manager_connector 3.3.4

vmware/identity_manager_connector 3.3.5

vmware/identity_manager_connector 3.3.6

vmware/identity_manager_connector 19.03.0.1

... and 2 more

Published Aug 05, 2022

Tracked Since Feb 18, 2026