VMware Urges Immediate Action to Patch Several Critical Vulnerabilities (VMSA-2022-0011)

On April 6, VMware published VMSA-2022-0011, an advisory that addresses eight vulnerabilities across several VMware products including:

• VMware Workspace ONE Access (Access)
• VMware Identity Manager (vIDM)
• VMware vRealize Automation (vRA)
• VMware Cloud Foundation
• vRealize Suite Lifecycle Manager

Three of the eight vulnerabilities are considered the most severe, as they can be exploited by an unauthenticated attacker with network access:

• CVE-2022-22954
• CVE-2022-22955
• CVE-2022-22956

For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.