VMware Vulnerabilities Patches
Vulnerabilities in VMWARE allow internal attackers to gain unauthenticated administrative access to the entire company’s infrastructure. Who is affected: Anyone using: VMware Workspace ONE Access (Access) VMware Identity Manager (vIDM) VMware vRealize Automation (vRA) VMware Cloud Foundation vRealize Suite Lifecycle Manager Authentication Bypass Vulnerability (CVE-2022-22972)* VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.* A malicious actor with network access to the UI may be able to obtain administrative