VMware.Multiple.Products.Login.Controller.Authentication.Bypass
Description
This indicates an attack attempt to exploit an Authentication Bypass vulnerability in VMware Workspace ONE Access, Identity Manager and vRealize Automation.
The vulnerability is due to a validation error in the application when handling maliciously crafted requests. An attacker can exploit this to obtain administrative access without the need to authenticate.
Affected Products
VMware Workspace ONE Access 21.08.0.0 to 21.08.0.1
VMware Identity Manager Appliance & Connector 3.3.4 to 3.3.6
VMware Identity Manager Connector 19.03.0.1
VMWare vRealize Automation 7.6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.vmware.com/security/advisories/VMSA-2022-0021.html
Version Updates
Date | Version | Detail |
---|---|---|
2022-08-30 | 0.00327 |