CVE-2022-22955 — Vulnetix

CVE-2022-22955 PUBLISHED

------------ On April 6, 2022 VMware released VMSA-2022-0011, a critical advisory addressing security vulnerabilities found and resolved in VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. VMware Identity Manager is also an optional external component that can provide authentication and authorization for other products, such as NSX, vRealize Operations, vRealize Log Insight, and vRealize Network Insight. The VMSA will always be the source of truth for what products & versions are affected, the workarounds, and appropriate patches. This document is a corollary to that advisory and contains resources and numerous questions & answers that have been asked regarding this issue in an effort to communicate new information, reduce the need for support calls, and help keep organizations secure.

EPSS 70.11% · 98.7th percentile

Risk Scores

EPSS Score

70.11%

98.7th percentile

Exploit Intelligence

CIRCL seen: CVE-2022-22955 (circl-sighting)
https://www.vmware.com/security/advisories/VMSA-2022-0011.html (circl)

Timeline

Apr 7, 2022 CVE Published
Apr 7, 2022 PoC Published
Apr 14, 2022 EPSS Score
Jun 3, 2022 EPSS Score
Jul 24, 2022 EPSS Score
Nov 2, 2022 EPSS Score
Dec 22, 2022 EPSS Score
Feb 10, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 22, 2023 EPSS Score
Jul 11, 2023 EPSS Score
Aug 30, 2023 EPSS Score

References

https://github.com/vmware/vcf-security-and-compliance-guidelines/blob/main/security-advisories/vmsa-2022-0011/README.md advisory

Open in Interactive Console →