Scroll Top

VMware Releases Fix for Critical Vulnerabilities

VMware Releases Fix for Critical Vulnerabilities
VMware
0
By Jeffrey Jones Bugs Issues Hacking Attacks Security Blog August 3, 2022

Wednesday August 3, 2022

VMware has released fixes for ten vulnerabilities, including a fix for an authentication bypass vulnerability that affects VMware Workspace ONE Access, Identity Manager and vRealize Automation. VMware considers the update critical and advises VM Administrators to patch or mitigate immediately.

Specifically, CVE-2022-31656 is an authentication bypass vulnerability. The authentication bypass allows anyone access to the system. The Flaw affects local domain users on VMware Workspace ONE Access, Identity Manager and vRealize Automation. The Flaw allows an attacker with network access to the User Interface can obtain administrative access without the need to authenticate first i.e. anyone.

There is an indication that this vulnerability (CVE-2022-31656) might soon be leveraged by attackers in the wild, since the security researcher who reported CVE-2022-31656 is planning to release a technical write up and a Proof of Concept (PoC) Exploit soon.

Petrus Viet, the researcher who discovered CVE-2022-31656, has also reported CVE-2022-31659, a SQL injection flaw that can be exploited to trigger a remote code execution. These two vulnerabilities could, for example, be concatenated in a very effective exploit chain

VMware also addressed these security flaws:

  • CVE-2022-31657 – URL Injection Vulnerability
  • CVE-2022-31658 – JDBC Injection Remote Code Execution Vulnerability
  • CVE-2022-31659 – SQL injection Remote Code Execution Vulnerability
  • CVE-2022-31660 – Local Privilege Escalation Vulnerability
  • CVE-2022-31661 – Local Privilege Escalation Vulnerability
  • CVE-2022-31662 – Path traversal vulnerability
  • CVE-2022-31663 – Cross-site scripting (XSS) vulnerability
  • CVE-2022-31664 – Local Privilege Escalation Vulnerability
  • CVE-2022-31665 – JDBC Injection Remote Code Execution Vulnerability

About CVE-2022-31656

“CVE-2022-31656 is an authentication bypass vulnerability in VMware Workspace ONE Access, Identity Manager and vRealize Automation that affects local domain users and was assigned a CVSSv3 score of 9.8.

A remote attacker must have network access to a vulnerable user interface and could use this flaw to bypass authentication and gain administrative access.” says Claire Tills, senior research engineer at Tenable.

Patch Instructions are available below

https://kb.vmware.com/s/article/89096

0
Jeffrey Jones / About Author
Jeff Jones is a Cyber Security Architect and Ethical Hacker for Topgallant Partners. He has been in Data Communications for over 35 years. He responsible for all day-to-day operations, technical consulting, and security design for Topgallant.

His expertise is in Security Program Design, Security Risk Analysis and Assessment and Cyber Security Testing to include Penetration Testing, Vulnerability Testing, Social Engineering, Phishing, Wi-Fi Exploitations, Password Cracking, Man-in-the Middle Attacks and Web Application Hacking.

He has a M.A. in Computer Resources Management from Webster University and a B.A. in Journalism from Purdue University. He is also a terrible golfer.
More posts by Jeffrey Jones

Related Posts

Facebook et al Now Back Up; Change Management the Issue

Issue Acknowledged by All Via Twitter Facebook and associated Websites are down. Issue is unknown right now. Facebook was featured…

0
0
04 Oct 2021
HardWired GPS Auto Tracker Can Be Hacked

Two Days ago, CISA released an Industrial Controls Systems Advisory (ICSA) detailing six vulnerabilities that were discovered in MiCODUS MV720 Global Positioning System (GPS) Tracker

1
1
21 Jul 2022
Justice Department Links Russians To Hacking Yahoo

Hacking Yahoo Russian Style In a recent news story from CNBC, the Justice Department said Wednesday that two Russian intelligence agents…

0
0
07 Apr 2017
Strengthening ICS – Learning From the Bosch Torque Wrench Breach

Strengthening Industrial Control Systems Cybersecurity: Learning from the Bosch Torque Wrench Breach The recent cyber breach involving Bosch’s torque wrench…

1
1
01 May 2024
Are Pagers HIPAA Compliant for ePHI?

Recently, I was asked my opinion on whether Pagers were compliant to HIPAA. I actually had never thought about it…

1
1
10 Oct 2012
microsoft
Unsecured Internet Databases are being Deleted by the Meow Attack

New Attack on the Internet

0
0
24 Aug 2020
Major Healthcare Breaches in 2024 So Far…

Here is in interesting stat, 2023 saw 114 data breaches of 100,000 or more records, including 26 breaches of more…

1
1
20 Mar 2024
Chinese Nationals arrested for Hacking Law Firms

Hacking Target Seven Law Firms The three individuals were arrested for targeting seven law firms in the US who were…

0
0
28 Dec 2016
crowdstrike
New Jersey Healthcare Data Breach Exposes 4.5 Million

HealthEC LLC a New Jersey based health technology company reported a data breach that impacted nearly 4.5 million patients across…

0
0
12 Jan 2024
Updated AT&T Breach Report Affects an estimated 73 Million Customers

April 30, 2024 AT&T has reported a data breach so it’s time to change your AT&T password, and if you…

0
0
30 Apr 2024
Critical Security Flaw: ConfusedFunction Vulnerability in Google Cloud Platform Exposed

In the constantly evolving landscape of cloud computing, ensuring robust security measures is paramount. Recently, cybersecurity researchers have identified a…

0
0
26 Jul 2024
Over 2.9 Billion Recently Hacked PII Records Found on Darknet

According to a recent filing and class action lawsuit in the Southern Florida US District Court. An information Services Company,…

0
0
08 Aug 2024
Ransomware
Feds Release Akira Ransomware Defense Info

Washington, DC  –  Today, CISA, the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National…

0
0
18 Apr 2024
Cyber Insurance: What, Why and is it Worth It?

What is Cyber Insurance? Cyber Insurance is a type of insurance that helps businesses and individuals mitigate the financial losses…

1
1
21 Apr 2023
Everyday Programs Abused by Hackers for Evil Deeds

Seemingly Benign Programs used for Hacking Hackers use seemingly benign programs for Nefarious Purposes. Hackers manipulate and repurpose software and…

2
2
07 Sep 2023
Our website uses cookies from third party services to improve your browsing experience. Read more about this and how you can control cookies by clicking "Privacy Preferences".
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Privacy Policy
You have read and agreed to our privacy policy
Required