VMware has released an article on the VMSA-2022-0011 security vulnerabilities found in some of its products, along with the patches that fix them. The company states that these vulnerabilities are critical and that the affected products need to be patched immediately.

Several products are affected

The affected products are VMware Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Suite Lifecycle Manager, VMware vRealize Automation (vRA), and VMware Cloud Foundation. The critical vulnerabilities in these products include a server-side template injection remote code execution vulnerability, two OAuth2 ACS authentication bypass vulnerabilities, and two JDBC injection remote code execution vulnerabilities. Here is the list of the critical vulnerabilities:

  • CVE-2022-22954 (CVSS 9.8): VMware Workspace ONE Access and Identity Manager
  • CVE-2022-22955 (CVSS 9.8): VMware Workspace ONE Access
  • CVE-2022-22956 (CVSS 9.8): VMware Workspace ONE Access
  • CVE-2022-22957 (CVSS 9.1): VMware Workspace ONE Access, Identity Manager, and vRealize Automation
  • CVE-2022-22958 (CVSS 9.1): VMware Workspace ONE Access, Identity Manager, and vRealize Automation

In addition to the critical vulnerabilities, there are also a cross-site request forgery vulnerability, a local privilege escalation vulnerability, and an information disclosure vulnerability, with CVSS scores ranging from 8.8 down to 5.3. Their CVE identifiers and scores are listed below:

  • CVE-2022-22959 (CVSS: 8.8): VMware Workspace ONE Access, Identity Manager, and vRealize Automation
  • CVE-2022-22960 (CVSS: 7.8): VMware Workspace ONE Access, Identity Manager, and vRealize Automation
  • CVE-2022-22961 (CVSS: 5.3): VMware Workspace ONE Access, Identity Manager, and vRealize Automation

You can see the full list of the affected components below:

  • VMware Workspace ONE Access Appliance 21.08.0.1
  • VMware Workspace ONE Access Appliance 21.08.0.0
  • VMware Workspace ONE Access Appliance 20.10.0.1
  • VMware Workspace ONE Access Appliance 20.10.0.0
  • VMware Identity Manager Appliance 3.3.6
  • VMware Identity Manager Appliance 3.3.5
  • VMware Identity Manager Appliance 3.3.4
  • VMware Identity Manager Appliance 3.3.3
  • VMware vRealize Automation 7.6
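
The following added example, which is not from VMware or the original article, checks an appliance inventory against the affected versions and CVE assignments listed above and ranks the matches by their highest CVSS score. The CSV layout, host names, product aliases and sample rows are assumptions made for illustration.

```python
import csv
import io

# Affected versions and CVE assignments exactly as listed in the article.
AFFECTED = {
    "workspace one access": {"21.08.0.1", "21.08.0.0", "20.10.0.1", "20.10.0.0"},
    "identity manager": {"3.3.6", "3.3.5", "3.3.4", "3.3.3"},
    "vrealize automation": {"7.6"},
}
ALL = set(AFFECTED)
CVES = {  # CVE -> (CVSS score, products the article names for it)
    "CVE-2022-22954": (9.8, {"workspace one access", "identity manager"}),
    "CVE-2022-22955": (9.8, {"workspace one access"}),
    "CVE-2022-22956": (9.8, {"workspace one access"}),
    "CVE-2022-22957": (9.1, ALL),
    "CVE-2022-22958": (9.1, ALL),
    "CVE-2022-22959": (8.8, ALL),
    "CVE-2022-22960": (7.8, ALL),
    "CVE-2022-22961": (5.3, ALL),
}
# Assumption: short names an inventory might use for the same products.
ALIASES = {"vidm": "identity manager", "vra": "vrealize automation"}

def normalize(product):
    """Lower-case, drop the vendor prefix and 'Appliance', resolve aliases."""
    name = product.lower().replace("vmware", "").replace("appliance", "")
    name = " ".join(name.split())
    return ALIASES.get(name, name)

def triage(inventory_csv):
    """Return (host, product, version, max_cvss, cves) per affected row, worst first."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        product, version = normalize(row["product"]), row["version"].strip()
        if version not in AFFECTED.get(product, ()):
            continue  # not in the article's list; check the vendor advisory
        cves = sorted(c for c, (_, prods) in CVES.items() if product in prods)
        top = max(CVES[c][0] for c in cves)
        findings.append((row["host"], product, version, top, cves))
    return sorted(findings, key=lambda f: (-f[3], f[0]))

# Constructed sample inventory: host names and version 99.0.0.0 are made up.
SAMPLE = """host,product,version
idm01,VMware Identity Manager Appliance,3.3.5
ws1-a,VMware Workspace ONE Access Appliance,21.08.0.1
ws1-b,Workspace ONE Access,99.0.0.0
vra01,vRA,7.6
"""

if __name__ == "__main__":
    print(*triage(SAMPLE), sep="\n")
```

A row that does not match only means the article does not list that version; it is not confirmation that the appliance is unaffected.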

A workaround is available

Alongside the patches, VMware has also released a workaround guide for mitigating the risks. Here are the steps for the workaround procedure:

  • Log in as sshuser, then sudo to root-level access.
  • Download and transfer the HW-154129-applyWorkaround.py script to the virtual appliance. VMware recommends using the SCP protocol to transfer the file to the appliance.
  • Navigate to the downloaded file path using the “cd” command.
  • Run the Python script using the command below:

    python3 HW-154129-applyWorkaround.py
