PT-2022-2637 · Vmware · Vmware Workspace One Identity Manager+1

Kai Zhao

Published

2022-05-18

Updated

2023-08-08

CVE-2022-22973

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VMware Workspace ONE Access and Identity Manager (affected versions not specified)

Description The issue is related to a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'. This vulnerability is associated with inadequate access control on the VMware Workspace ONE Access administration platform.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2022-03095

CVE-2022-22973

Affected Products

Vmware Workspace One Access

Vmware Workspace One Identity Manager

PT-2022-2637 · Vmware · Vmware Workspace One Identity Manager+1

CVE-2022-22973

Weakness Enumeration

Related Identifiers

Affected Products

References · 10