CVE-2022-22972 Scanner
Detects 'Authentication Bypass' vulnerability in VMware Workspace ONE Access, Identity Manager and vRealize Automation affects v. Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Domain, Ipv4
Toolbox
-
VMware Workspace ONE Access, Identity Manager, and vRealize Automation are powerful tools used by organizations to centralize and streamline access to their digital assets. These products enable IT administrators to manage user identities and permissions across a wide range of applications and services, ensuring that access is only granted to authorized users.
However, these products are not without their vulnerabilities. One such vulnerability, identified as CVE-2022-22972, allows for an authentication bypass. This means that a malicious actor who has network access to the user interface may be able to gain administrative access without the need to authenticate. This is a serious security flaw that can potentially put an organization's sensitive data at risk.
When exploited, this vulnerability can lead to a number of serious consequences. A hacker who gains administrative access can potentially access and manipulate sensitive data, steal personal information, and wreak havoc on an organization's systems. This can result in financial loss, damage to reputation, and a loss of trust among customers and stakeholders.
With the pro features of the securityforeveryone.com platform, organizations can easily and quickly learn about vulnerabilities in their digital assets. This platform provides actionable insights and recommendations to help organizations stay ahead of potential threats and protect their sensitive data. Don't wait until it's too late - take action now to safeguard your organization's critical assets.
REFERENCES
control security posture