CVE-2022-22958 — Vulnetix

CVE-2022-22958 PUBLISHED

------------ On April 6, 2022 VMware released VMSA-2022-0011, a critical advisory addressing security vulnerabilities found and resolved in VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. VMware Identity Manager is also an optional external component that can provide authentication and authorization for other products, such as NSX, vRealize Operations, vRealize Log Insight, and vRealize Network Insight. The VMSA will always be the source of truth for what products & versions are affected, the workarounds, and appropriate patches. This document is a corollary to that advisory and contains resources and numerous questions & answers that have been asked regarding this issue in an effort to communicate new information, reduce the need for support calls, and help keep organizations secure.

EPSS 3.02% · 86.9th percentile

Risk Scores

EPSS Score

3.02%

86.9th percentile

Timeline

Apr 7, 2022 CVE Published
Apr 7, 2022 PoC Published
Apr 14, 2022 EPSS Score
Apr 22, 2022 EPSS Score
Jul 24, 2022 EPSS Score
Sep 12, 2022 EPSS Score
Dec 22, 2022 EPSS Score
Feb 10, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 21, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 29, 2023 EPSS Score

References

https://github.com/vmware/vcf-security-and-compliance-guidelines/blob/main/security-advisories/vmsa-2022-0011/README.md advisory

Open in Interactive Console →