By security practitioners, for security practitioners novacoast federal | Apex Program | novacoast | about innovate
By security practitioners, for security practitioners

VMWare Patches Severe Vulnerabilities Across Multiple Platforms

Earlier this week, VMWare published a critical security advisory that addresses security vulnerabilities in multiple product lines, including a critical authentication bypass flaw that scored CVSSv3 9.8.

Administrators are advised to update affected VMWare products as soon as possible.

What’s the nature of the vulnerabilities?

VMWare released an advisory on August 2nd regarding updates across multiple platforms. This includes a critical authentication bypass vulnerability, as well as multiple severe privilege escalation and remote code execution (RCE) vulnerabilities. Though the RCEs require administrative access, they can presumably be chained with the authentication bypass or privilege escalation vulnerabilities as needed to bypass the authentication requirement.

Urgent action is recommended on the below vulnerabilities. Consult the VMWare Advisory (VMSA-2022-0021) for more details. 

Which products are affected?

  • VMware Workspace ONE Access (Access)
  • VMware Workspace ONE Access Connector (Access Connector)
  • VMware Identity Manager (vIDM)
  • VMware Identity Manager Connector (vIDM Connector)
  • VMware vRealize Automation (vRA)

Vulnerability details

Here’s a summary of Critical/High vulnerabilities from VMSA-2022-0021 that rank greater that CVSSv3 7.0.

VMware Cloud Foundation vRealize Suite Lifecycle ManagerAuthentication Bypass Vulnerability

CVE-2022-31656
CVSS 9.8 – Critical

  • Impacts VMware Workspace ONE Access, Identity Manager and vRealize Automation platforms
  • Malicious user with Network access and UI access may be able to bypass authentication and obtain administrative credentials. 
  • Workaround provided by VMWare.

JDBC Injection Remote Code Execution Vulnerability 

CVE-2022-31658
CVSS 8.0 – Important

  • Impacts VMware Workspace ONE Access, Identity Manager and vRealize Automation platforms
  • Malicious user with network and administrative access can trigger remote code execution (RCE) on the impacted platform
  • No workaround listed

SQL injection Remote Code Execution Vulnerability

CVE-2022-31659
CVSS 8.0 – Important

  • Impacts VMware Workspace ONE Access and Identity Manager platforms
  • An RCE can be triggered by a user with network and administrative access
  • No workaround listed

Local Privilege Escalation Vulnerability 

CVE-2022-31660
CVE-2022-31661
CVE-2022-31664
CVSS 7.8 – Important

  • All three listed Privilege Escalation vulnerabilities impact VMware Workspace ONE Access, Identity Manager and vRealize Automation platforms
  • Malicious user with local access can escalate to root privileges
  • No workarounds listed

JDBC Injection Remote Code Execution Vulnerability

CVE-2022-31665
CVSS 7.6 – Important

  • Impacts VMware Workspace ONE Access, Identity Manager and vRealize Automation platforms
  • An RCE can be triggered by a user with network and administrative access
  • No workarounds listed

Mitigation

  • Consult VMWare Advisory and Q&A Document for more details, as well as information about updates and workarounds.
  • A vulnerability management program can be used to detect and prioritize serious vulnerabilities within your environment.
  • Apply network segmentation best practices to reduce the attack surface of vulnerabilities requiring network access.

Resources

VMWare Advisory (VMSA-2022-0021)
https://www.vmware.com/security/advisories/VMSA-2022-0021.html

VMWare Advisory (VMSA-2022-0021): Q+A
https://core.vmware.com/vmsa-2022-0021-questions-answers-faq

BleepingComputer Article
https://www.bleepingcomputer.com/news/security/vmware-urges-admins-to-patch-critical-auth-bypass-bug-immediately/

Previous Post

Cofense Training and Certification

Next Post

How To Choose a SOC-as-a-Service

Innovate uses cookies to give you the best online experience. If you continue to use this site, you agree to the use of cookies. Please see our privacy policy for details.