Skip to content

Affected Systems: VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, vRealize Suite Lifecycle Manager

Date Discovered: 2nd August 2022


On the 2nd of August 2022, VMware released a critical security advisory addressing vulnerabilities that allow for authentication bypass, remote code execution, and privilege escalation, among others.

The advisory, named VMSA-2022-0021, mainly focuses on the new vulnerability CVE-2022-31656 which allows for authentication bypass and affects VMware Workspace ONE Access, Identity Manager and vRealize Automation. As this vulnerability can allow for threat actors with access to the network to gain administrator access without authentication, VMware has declared this issue to be of critical severity, giving the vulnerability a CVSSv3 base score of 9.8.

Additionally, VMware published information on nine other new CVEs affecting its services. These new vulnerabilities allow for remote code execution (CVE-2022-31658, CVE-2022-31659, CVE-2022-31665), local privilege escalation (CVE-2022-31660, CVE-2022-31661, CVE-2022-31664), URL injection (CVE-2022-31657), path traversal (CVE-2022-31662), and cross-site scripting (CVE-2022-31663).

The impacted VMware products include:

  • VMware Workspace ONE Access (Access)
  • VMware Workspace ONE Access Connector (Access Connector)
  • VMware Identity Manager (vIDM)
  • VMware Identity Manager Connector (vIDM Connector)
  • VMware vRealize Automation (vRA)
  • VMware Cloud Foundation
  • vRealize Suite Lifecycle Manager


Updating the latest security patches for these systems as soon as possible can prevent these new vulnerabilities from being exploited on your system. VMware has released download links and installation instructions for all affected versions here. There is also a Q&A post that answers some common questions relating to this advisory that can be found here.

Related Links: