Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2022-31656
CVE-2022-31656:
Workspace ONE Access Connector vulnerability analysis and mitigation
Overview
CVE-2022-31656 is a critical authentication bypass vulnerability affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation, discovered and reported by PetrusViet of VNG Security. The vulnerability was disclosed on August 2, 2022, with a critical CVSSv3 base score of 9.8. The affected products include VMware Workspace ONE Access, Identity Manager, and vRealize Automation running on Linux systems (VMware Advisory).
Technical details
The vulnerability allows an attacker with network access to the user interface to bypass authentication mechanisms affecting local domain users. The severity is rated as Critical with a CVSSv3 score of 9.8, indicating the highest level of risk. The vulnerability appears to be a variant or patch bypass of a previous vulnerability (CVE-2022-22972) that was patched in an earlier advisory (Tenable Blog).
Impact
A successful exploitation of this vulnerability allows a malicious actor with network access to the UI to obtain administrative access without authentication. This level of access could potentially lead to complete system compromise. VMware confirmed that malicious code capable of exploiting this vulnerability in impacted products became publicly available (VMware Advisory).
Mitigation and workarounds
VMware released patches to address this vulnerability and strongly recommended immediate application of these updates. The fixes are available through VMware's Knowledge Base article KB89096. For organizations unable to immediately apply patches, temporary workarounds are documented in KB89084. VMware emphasized that this should be treated as an emergency change in organizations using ITIL methodologies (VMware Advisory).
Community reactions
Security analysts and researchers emphasized the critical nature of this vulnerability, particularly given the history of attacks targeting VMware Workspace ONE instances. The security community urged organizations to apply patches immediately, especially considering the public availability of exploit code (Tenable Blog).
Additional resources
Source: This report was generated using AI
Related Workspace ONE Access Connector vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management