CVE-2022-22961

Name of the Vulnerable Software and Affected Versions VMware Workspace ONE Access (affected versions not specified) VMware Identity Manager (affected versions not specified) vRealize Automation (affected versions not specified)

Description The issue is related to an information disclosure vulnerability. It allows a malicious actor with remote access to leak the hostname of the target system. Successful exploitation can lead to targeting victims. The vulnerability is associated with the disclosure of protected information.

Recommendations For VMware Workspace ONE Access, consider restricting access to sensitive information until a fix is available. For VMware Identity Manager, restrict access to the administration console to minimize the risk of exploitation. For vRealize Automation, avoid using the platform for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.