PRP: Request CVE-2022-22972 VMware Workspace ONE Access, Identity Manager and vRealize Automation Authentication Bypass #257

Closed
C4o opened this issue May 27, 2022 · 2 comments

C4o (Contributor) commented May 27, 2022

Hi there,

I would like to contribute the implementation for a plugin that detects CVE-2022-22972. It was published 9 days ago. VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

Vulnerability details:

Score: 9.8 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-22972
https://www.vmware.com/security/advisories/VMSA-2022-0014.html
https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive/
https://github.com/horizon3ai/CVE-2022-22972/blob/main/CVE-2022-22972.py

The vulnerability should be remotely exploitable without authentication and user interaction. Yes.

The detector should provide a reliable false-positive free detection report. Yes.

The detection capability should be easy to verify using both vulnerable and fixed Docker images. Yes.

The vulnerability should have a relatively large impact radius. Yes.

Please let me know if this is in scope as I've already made the development.

Thanks,
C4o

maoning (Collaborator) commented Jul 18, 2022

Hi @C4o,

Thanks for your request! This vulnerability is in scope for the reward program. Please submit our participation form and you can start working on the development.

Please keep in mind that the Tsunami Scanner Team will only be able to work on one issue at a time for each participant, so please hold off on the implementation work for any other requests you might have.

Thanks!

C4o (Contributor, Author) commented Jul 19, 2022

Hi @maoning, I found #245 is still not reviewed for not having a Docker environment, and this issue is the same product.
So I wonder whether I need to go on. If not, can you choose another issue?

C4o closed this as completed Aug 3, 2022