Lucene search

[email protected]NVD:CVE-2022-22973

HistoryMay 20, 2022 - 9:15 p.m.

CVE-2022-22973

2022-05-2021:15:09

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to ‘root’.

Affected configurations

NVD

Node

vmwareidentity_managerMatch3.3.3

vmwareidentity_managerMatch3.3.4

vmwareidentity_managerMatch3.3.5

vmwareidentity_managerMatch3.3.6

vmwareworkspace_one_accessMatch20.10.0.0

vmwareworkspace_one_accessMatch20.10.0.1

vmwareworkspace_one_accessMatch21.08.0.0

vmwareworkspace_one_accessMatch21.08.0.1

AND

linuxlinux_kernelMatch-

Node

vmwarecloud_foundationMatch4.0

vmwarecloud_foundationMatch4.0.1

vmwarecloud_foundationMatch4.1

vmwarecloud_foundationMatch4.1.0.1

vmwarecloud_foundationMatch4.2

vmwarecloud_foundationMatch4.2.1

vmwarecloud_foundationMatch4.3

vmwarecloud_foundationMatch4.3.1

vmwarevrealize_suite_lifecycle_managerMatch8.0

vmwarevrealize_suite_lifecycle_managerMatch8.0.1

vmwarevrealize_suite_lifecycle_managerMatch8.1

vmwarevrealize_suite_lifecycle_managerMatch8.2

vmwarevrealize_suite_lifecycle_managerMatch8.2patch1

vmwarevrealize_suite_lifecycle_managerMatch8.2patch2

vmwarevrealize_suite_lifecycle_managerMatch8.2patch3

vmwarevrealize_suite_lifecycle_managerMatch8.3

vmwarevrealize_suite_lifecycle_managerMatch8.3patch1

vmwarevrealize_suite_lifecycle_managerMatch8.3patch2

vmwarevrealize_suite_lifecycle_managerMatch8.3patch3

vmwarevrealize_suite_lifecycle_managerMatch8.4

vmwarevrealize_suite_lifecycle_managerMatch8.4patch1

vmwarevrealize_suite_lifecycle_managerMatch8.4.1

vmwarevrealize_suite_lifecycle_managerMatch8.4.1patch1

vmwarevrealize_suite_lifecycle_managerMatch8.4.1patch2

vmwarevrealize_suite_lifecycle_managerMatch8.4.1patch3

vmwarevrealize_suite_lifecycle_managerMatch8.6

vmwarevrealize_suite_lifecycle_managerMatch8.6patch1

vmwarevrealize_suite_lifecycle_managerMatch8.6.1

vmwarevrealize_suite_lifecycle_managerMatch8.6.2

vmwarevrealize_suite_lifecycle_managerMatch8.7

vmwarevrealize_suite_lifecycle_managerMatch8.8

References

www.vmware.com/security/advisories/VMSA-2022-0014.html

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for NVD:CVE-2022-22973

prion1 cve1 cvelist1 osv1 nessus1 vmware1 attackerkb1 rapid7blog1 malwarebytes1 cisa1 ics1 hivepro1 thn1