CVE-2022-31659

Vulnerability

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability that can be triggered by a malicious actor with administrator and network access. The flaw exists in the affected products prior to the updates released in VMSA-2022-0021. [1]

Exploitation

An attacker with administrative privileges and network connectivity can exploit this vulnerability by sending specially crafted requests to the vulnerable service. No additional user interaction is required beyond the attacker's own authenticated access. The advisory classifies the attack vector as network-based with high complexity due to the privilege requirement. [1]

Impact

Successful exploitation allows the attacker to execute arbitrary code on the affected system, potentially leading to full compromise of the Workspace ONE Access or Identity Manager appliance. This could result in unauthorized access to sensitive data, modification of system configurations, or lateral movement within the VMware infrastructure. [1]

Mitigation

VMware has released software updates to remediate this vulnerability. The fixed versions are detailed in VMSA-2022-0021, with the advisory updated on August 9, 2022. Users should apply the latest patches for Workspace ONE Access, Identity Manager, and related components. No workarounds are provided in the advisory. [1]