CVE-2022-22972
Description
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2022-22972 is an authentication bypass in VMware Workspace ONE Access, Identity Manager, and vRealize Automation allowing unauthenticated network access to gain admin rights.
Vulnerability
CVE-2022-22972 is an authentication bypass vulnerability affecting local domain users in VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), and VMware vRealize Automation (vRA). The flaw exists in the UI authentication mechanism, allowing a malicious actor with network access to the UI to obtain administrative access without needing to authenticate. Affected versions include VMware Workspace ONE Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0; VMware Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3; and VMware vRealize Automation 8.8.0, 8.7.1, 8.7.0, 8.6.x, 8.5.x, 8.4.x, 8.3.x, 8.2.x, 8.1.x, 8.0.x, 7.6.x, 7.5.x, 7.4.x, 7.3.x, 7.2.x, 7.1.x, 7.0.x. [1]
Exploitation
An attacker with network access to the user interface of the affected VMware products can exploit this vulnerability. The attacker does not require any prior authentication or local user credentials. The exploitation likely involves crafting requests to bypass the authentication check, as the vulnerability is specifically described as an authentication bypass affecting local domain users. No user interaction is required, and the attack complexity is considered low. [1]
Impact
Successful exploitation allows the attacker to gain administrative access to the affected system without the need to authenticate. This results in a complete compromise of confidentiality, integrity, and availability of the targeted VMware product, as the attacker obtains full administrative privileges. The CVSSv3 base score for this vulnerability is 9.8 (Critical). [1]
Mitigation
VMware has released patches to remediate this vulnerability. Customers should update to the following fixed versions: Workspace ONE Access 21.08.0.1 (build 21447913) and later, Identity Manager 3.3.6 (build 21447887) and later, and vRealize Automation 8.8.0 (build 21452168) and later. For Cloud Foundation (vRealize Automation) and vRealize Suite Lifecycle Manager, updates are also available as part of the respective product updates. No workaround is provided; applying the patches is the only mitigation. VMware recommends immediate patching. [1]
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- VMware/Workspace ONE Access, Identity Manager and vRealize Automation (source: description)
Patches
No patches discovered yet.
References
[1] www.vmware.com/security/advisories/VMSA-2022-0014.html (mitre, x_refsource_MISC)
News mentions
No linked articles in our index yet.