Lucene search
HistoryAug 05, 2022 - 4:15 p.m.
CVE-2022-31662
vmware
workspace one
access
vulnerability
path traversal
malicious actor
network access
arbitrary files
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
46.7%
VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. A malicious actor with network access may be able to access arbitrary files.
Affected configurations
Node
vmwareidentity_managerMatch3.3.4
ORvmwareidentity_managerMatch3.3.5
ORvmwareidentity_managerMatch3.3.6
ORvmwareone_accessMatch21.08.0.0
ORvmwareone_accessMatch21.08.0.1
linuxlinux_kernelMatch-
Node
vmwareaccess_connectorMatch21.08.0.0
ORvmwareaccess_connectorMatch21.08.0.1
ORvmwareaccess_connectorMatch22.05
ORvmwareidentity_manager_connectorMatch3.3.4
ORvmwareidentity_manager_connectorMatch3.3.5
ORvmwareidentity_manager_connectorMatch3.3.6
ORvmwareidentity_manager_connectorMatch19.03.0.1
microsoftwindowsMatch-
Related
cvelist
cvelist
CVE-2022-31662
2022-08-05 15:05:34
cve
cve
CVE-2022-31662
2022-08-05 16:15:12
prion
prion
Path traversal
2022-08-05 16:15:00
threatpost
threatpost
VMWare Urges Users to Patch Critical Authentication Bypass Bug
2022-08-03 15:23:16
nessus
nessus
vmware
vmware
thn
thn
VMware Releases Patches for Several New Flaws Affecting Multiple Products
2022-08-03 04:49:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
46.7%
Related for NVD:CVE-2022-31662