If you use certain VMWAre products, be aware that the company has recently identified and issued a patch for a total of five critical security vulnerabilities.

These are being tracked as:

  • CVE-2022022954 (This issue is a server-side template injection remote code execution issue)
  • CVE-2022-22955
  • CVE-2022-22956 (This issue, and the one above it are both OAuth2 ACS authentication bypass vulnerabilities)
  • CVE-2022022957
  • And CVE-20220958, with these last two being JDBC injection remote code execution vulnerabilities.

The products impacted by these issues are:

  • vRealize Suite Lifecycle Manager
  • VMware Cloud Foundation
  • VMware vRealize Automation (vRA)
  • VMware Identity Manager (vIDM)
  • And VMware Workspace ONE Access (Access)

The patch the company released to address the issue is VMSA-2021-0011.

The company made a point to stress that different organizations will have varying risk tolerances, security controls, and defenses in place to manage risk. So customers using VMWare equipment should certainly feel free to make their own decisions regarding what priority to place on installing the patch for this issue. They strongly recommended that all their customers take immediate action given the severity of the security vulnerability.

VMware stressed that so far, they have found no evidence of any of these vulnerabilities being exploited in the wild. Of course, it's just a matter of time until that happens and the company recommends applying the patch as soon as possible if you use any of the products mentioned above.

If you are unable to apply the patch immediately, also be aware that the company has a workaround detailed on their website that could be used as a stopgap measure in the short run.  It doesn't remove the risk and it may introduce some added wrinkles and complexities but it's better than doing nothing until the patch can be applied.

Kudos to VMware for their fast action in addressing these issues and in providing a workaround for those who cannot patch immediately.

About the Author

Marty Parker

Marty Parker
Owner & General Manager

Marty is the Owner and General Manager of Heritage Digital. Marty has managed and built high-performing IT teams for over 30 years. He served 13 years in the manufacturing industry and 13 years in corporate-owned healthcare organizations. Before acquiring Heritage Digital, Marty was the Chief Information Officer of Carolinas Hospital System (now MUSC Health Florence Medical Center) in Florence, SC. Marty is passionate about educating and protecting people against cybercriminals.

Used with permission from Article Aggregator