CVE-2022-22957
------------ On April 6, 2022 VMware released VMSA-2022-0011, a critical advisory addressing security vulnerabilities found and resolved in VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. VMware Identity Manager is also an optional external component that can provide authentication and authorization for other products, such as NSX, vRealize Operations, vRealize Log Insight, and vRealize Network Insight. The VMSA will always be the source of truth for what products & versions are affected, the workarounds, and appropriate patches. This document is a corollary to that advisory and contains resources and numerous questions & answers that have been asked regarding this issue in an effort to communicate new information, reduce the need for support calls, and help keep organizations secure.
EPSS 43.23% · 97.6th percentile
Risk Scores
Exploit Intelligence
- CIRCL seen: CVE-2022-22957 (circl-sighting)
- CIRCL seen: CVE-2022-22957 (circl-sighting)
- CIRCL seen: CVE-2022-22957 (circl-sighting)
- CIRCL seen: CVE-2022-22957 (circl-sighting)
- CIRCL seen: CVE-2022-22957 (circl-sighting)
- CIRCL seen: CVE-2022-22957 (circl-sighting)
- https://www.vmware.com/security/advisories/VMSA-2022-0011.html (circl)
- http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html (circl)
- http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html (circl)
- VMware Workspace ONE Remote Code Execution Exploit (0day-today)
…and 1 more exploits
Timeline
- Apr 7, 2022 CVE Published
- Apr 7, 2022 PoC Published
- Apr 14, 2022 EPSS Score
- Jun 3, 2022 EPSS Score
- Sep 13, 2022 EPSS Score
- Nov 2, 2022 EPSS Score
- Feb 10, 2023 EPSS Score
- Apr 1, 2023 EPSS Score
- Apr 18, 2023 PoC Published
- Apr 18, 2023 PoC Published
- May 22, 2023 EPSS Score
- Jul 11, 2023 EPSS Score