On May 18, 2022 VMware released VMSA-2022-0014, a critical advisory addressing security vulnerabilities found and resolved in VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. VMware Identity Manager is also an optional external component for other products, such as NSX, vRealize Operations, vRealize Log Insight, and vRealize Network Insight.
These vulnerabilities are an authentication bypass and a privilege escalation. An authentication bypass means that an attacker with network access to Workspace ONE Access, VMware Identity Manager, and vRealize Automation can obtain administrator access. Privilege escalation means that an attacker with local access can become root on the virtual appliance. It is extremely important that you quickly take steps to patch or mitigate these issues in on-premises deployments. If your organization uses ITIL methodologies for change management, this would be considered an “emergency” change. Information on patches and workarounds can be found in the VMware Security Advisory (link below).
As we have done in the past for critical security advisories, we are also maintaining a Frequently Asked Questions (FAQ) document for this advisory (link below) with additional self-service information and context.
Links
The VMware Security Advisory VMSA-2022-0014 can be found at:
https://www.vmware.com/security/advisories/VMSA-2022-0014.html.
Frequently Asked Questions about VMSA-2022-0014 can be found at:
https://via.vmw.com/vmsa-2022-0014-qna
You should sign up to get a proactive email when a new VMware Security Advisory is issued. Do that at:
http://lists.vmware.com/mailman/listinfo/security-announce
Thank You
Critical security advisories are often challenging situations, and unfortunately part of the IT landscape. In line with VMware’s product security policy, we value transparency so that customers can protect themselves as rapidly as possible. Your security is important to us; please subscribe to the VMware Security Advisory Mailing List for proactive notifications, review the VMSA and FAQ, and let your VMware account teams know if there are additional questions we can answer. Thank you.