VMware Aria Suite (formerly vRealize Suite)
VMSA-2022-0014: Workspace ONE Access and Identity Manager Critical Vulnerability
Reading time: 3 minutes
Hot on the heels of the recent April 2022 VMware critical security advisory VMSA-2022-0011, which addressed eight CVEs within VMware Workspace ONE Access and VMware Identity Manager, VMware has released a new creitical security advisory VMSA-2022-0014. This advisory addresses two new security vulnerabilities (CVE-2022-22972 and CVE-2022-22973) in VMware Workspace ONE Access and VMware Identity Manager, with one rated as critical. Authentication Bypass Vulnerability - CVE-2022-22972 According to VMware, a malicious user with network access to the VMware Workspace ONE Access or VMware Identity Manager user interfaces may be able to obtain administrative access without needing to authenticate.