CVE-2022-31656

Vulnerability

VMware Workspace ONE Access, Identity Manager, and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. The bug allows a malicious actor with network access to the UI to obtain administrative access without needing to authenticate. The affected versions are those prior to the patches released in VMSA-2022-0021 [1].

Exploitation

An attacker needs only network access to the administrative UI of the affected product. No prior authentication or user interaction is required. By exploiting the authentication bypass, the attacker can gain administrative privileges directly.

Impact

Successful exploitation grants the attacker full administrative access to the affected system. This can lead to complete compromise of confidentiality, integrity, and availability of the application and potentially the underlying infrastructure.

Mitigation

VMware has released security updates to address this vulnerability as part of VMSA-2022-0021. Administrators should apply the relevant patches as soon as possible. No workarounds have been provided. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog [1].