VMware on Tuesday announced patches for several critical and high-severity vulnerabilities affecting VMware Workspace ONE Access, Identity Manager, vRealize Automation, and other products.
A total of ten security flaws are detailed in the company’s advisory, affecting VMware Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector, and vRealize Automation. One of the issues is rated “critical severity.”
Tracked as CVE-2022-31656 (CVSS scores: 9.8), the issues impact VMware Workspace ONE Access, Identity Manager, and vRealize Automation. “A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate,” the company noted in its advisory. CVE-2022-31656 - critical auth bypass flaw in multiple VMware products
so.cl
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer