VMware Patches Five Critical Vulnerabilities in Workspace ONE Access

VMware on Wednesday announced patches for several critical and high-severity vulnerabilities affecting Workspace ONE Access and other products.

A total of eight security holes are detailed in the company’s advisory, affecting VMware Workspace ONE Access, Identity Manager (vIDM, the previous name of Workspace ONE Access), vRealize Automation (vRA), Cloud Foundation, and Suite Lifecycle Manager. Five of the issues are rated “critical severity.”

With a CVSS score of 9.8 and tracked as CVE-2022-22954, the first of the bugs is a remote code execution vulnerability affecting both Workspace ONE Access and Identity Manager.

The issue exists because a “malicious actor with network access can trigger a server-side template injection,” which could result in remote code execution.

VMware also announced patches for two authentication bypass vulnerabilities in the OAuth2 ACS framework of Workspace ONE Access, which could allow a malicious actor to “execute any operation due to exposed endpoints in the authentication framework.”

Tracked as CVE-2022-22955 and CVE-2022-22956, the issues have a CVSS score of 9.8.

[ READ: VMware Patches Critical Vulnerabilities in Carbon Black App Control ]

Two other critical vulnerabilities addressed this week impact Workspace ONE Access, Identity Manager and vRealize Automation, VMware announced. Tracked as CVE-2022-22957 and CVE-2022-22958, the flaws have a CVSS score of 9.1.

Described as remote code execution issues, the two bugs require administrative access for successful exploitation.

“A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution,” VMware says.

Two other security bugs detailed in VMware’s advisory are rated “high severity” (CVE-2022-22959 and CVE-2022-22960), while a third is rated “medium severity” (CVE-2022-22961).

Steven Seeley of the Qihoo 360 Vulnerability Research Institute has been credited for finding these vulnerabilities.

VMware warns that all products using Identity Manager components – including Cloud Foundation, NSX-T, vRealize Suite, Cloud suites, vRealize Automation, vRealize Log Insight, and vRealize Network Insight – are considered vulnerable.

[ READ: VMware NSX Data Center Flaw Can Expose Virtual Systems to Attacks ]

The company recommends that all potentially impacted customers apply the available patches or workarounds as soon as possible.

“To fully protect yourself and your organization please install one of the patch versions listed in the VMware Security Advisory, or use the workarounds listed in the VMSA,” the company says.

VMware also notes that it currently has no evidence of in-the-wild exploitation for any of these vulnerabilities.

On Wednesday, the company also announced the release of patches for two high-severity vulnerabilities in VMware Horizon Client for Linux, which are tracked as CVE-2022-22962 and CVE-2022-22964 (CVSS score of 7.3).

Related: VMware Plugs Security Holes in Workstation, Fusion and ESXi

Related: VMware vCenter Server Vulnerability Can Facilitate Attacks on Many Organizations

Related: VMware Warns of Log4j Attacks Targeting Horizon Servers