Dive Brief:
- VMware disclosed yet another critical authentication bypass vulnerability, affecting the same products that carried a similar defect in May, with equal potential for severe damage.
- The latest vulnerability, CVE-2022-31656, impacts VMware Workspace ONE Access, Identity Manager and vRealize Automation, according to an initial security advisory issued Tuesday by VMware. This is the second authentication bypass vulnerability to hit these products in less than three months.
- VMware issued patches for the three impacted products and rated the vulnerability in the critical severity range with a score of 9.8 on the Common Vulnerability Scoring System, another similarity to the previous bug.
Dive Insight:
Critical vulnerabilities are a recurring problem for VMware customers. The previously disclosed vulnerability, CVE-2022-22972, earned the same critical severity score of 9.8 and elicited an emergency directive from the Cybersecurity and Infrastructure Security Agency in May.
A malicious actor with network access to the user interface of the affected VMware products could bypass authentication and potentially gain administrative access, the company said.
VMware, in a supplemental blog post, warned that all customers using the impacted products could be at risk. The company advised customers to deploy the patches immediately and discouraged relying on workarounds.
The virtualization leader, which provides software widely used in enterprise and government infrastructure, also disclosed nine additional vulnerabilities on Tuesday, six in the important severity range and three in the moderate severity range. The most serious of those could be chained with CVE-2022-31656 to achieve remote code execution.
“As an authentication bypass, exploitation of this flaw opens up the possibility that attackers could create very troubling exploit chains,” Claire Tills, senior research engineer at Tenable, wrote in a blog post.
VMware said it is not aware of any exploitation of the vulnerabilities in the wild.