CVE-2022-31665
Description
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
VMware Workspace ONE Access, Identity Manager, and vRealize Automation contain a remote code execution vulnerability exploitable by an authenticated administrator with network access.
Vulnerability
VMware Workspace ONE Access, Identity Manager, and vRealize Automation contain a remote code execution vulnerability (CVE-2022-31665) as disclosed in VMSA-2022-0021 [1]. The vulnerability exists in the affected product versions specified in the advisory, requiring no user interaction beyond administrative privileges.
Exploitation
An attacker with administrative privileges and network access to the affected system can trigger remote code execution by sending specially crafted requests [1]. No additional authentication or user interaction is required beyond the administrator-level access.
Impact
Successful exploitation allows the attacker to execute arbitrary code on the target system, potentially leading to full compromise of the affected application and underlying infrastructure [1].
Mitigation
VMware has released patches to address this vulnerability as part of the VMSA-2022-0021 advisory [1]. Affected organizations should apply the recommended updates immediately. No workarounds are currently available.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- VMware/Workspace ONE Access, Identity Manager and vRealize Automationdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.vmware.com/security/advisories/VMSA-2022-0021.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.