VMware Workspace ONE Access / VMware Identity Manager Multiple Vulnerabilities (VMSA-2022-0032)

high Nessus Plugin ID 168876

Synopsis

An identity store broker application running on the remote host is affected by multiple vulnerabilities.

Description

The VMware Workspace ONE Access (formerly VMware Identity Manager) application running on the remote host is affected by the following vulnerabilities:

- An authenticated remote code execution vulnerability. A malicious actor with administrator and network access may be able to remotely execute code on the underlying operating system. (CVE-2022-31700)

- A broken authentication vulnerability. A malicious actor with network access may be able to obtain system information due to an unauthenticated endpoint. Successful exploitation of this issue can lead to targeting victims. (CVE-2022-31701)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version.

Solution

Apply the HW-165708 hotfix to VMware Workspace ONE Access / VMware Identity Manager as per the VMSA-2022-0032 advisory.

See Also

https://www.vmware.com/security/advisories/VMSA-2022-0032.html

https://kb.vmware.com/s/article/90399

Plugin Details

Severity: High

ID: 168876

File Name: vmware_workspace_one_access_VMSA-2022-0032.nasl

Version: 1.4

Type: remote

Family: CGI abuses

Published: 12/16/2022

Updated: 9/15/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

CVSS Score Source: CVE-2022-31700

CVSS v3

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:identity_manager, cpe:/a:vmware:workspace_one_access

Required KB Items: installed_sw/VMware Workspace ONE Access

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/13/2022

Vulnerability Publication Date: 12/13/2022

Exploitable With

Core Impact

Reference Information

CVE: CVE-2022-31700, CVE-2022-31701

IAVA: 2022-A-0513

VMSA: 2022-0032