CVE-2022-22973

VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vmwareCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
vmwareidentity_manager
3.3.3
vmwareidentity_manager
3.3.4
vmwareidentity_manager
3.3.5
vmwareidentity_manager
3.3.6
vmwareworkspace_one_access
20.10.0.0
vmwareworkspace_one_access
20.10.0.1
vmwareworkspace_one_access
21.08.0.0
vmwareworkspace_one_access
21.08.0.1
vmwarecloud_foundation
4.0
vmwarecloud_foundation
4.0.1
vmwarecloud_foundation
4.1
vmwarecloud_foundation
4.1.0.1
vmwarecloud_foundation
4.2
vmwarecloud_foundation
4.2.1
vmwarecloud_foundation
4.3
vmwarecloud_foundation
4.3.1
vmwarevrealize_suite_lifecycle_manager
8.0
vmwarevrealize_suite_lifecycle_manager
8.0.1
vmwarevrealize_suite_lifecycle_manager
8.1
vmwarevrealize_suite_lifecycle_manager
8.2
vmwarevrealize_suite_lifecycle_manager
8.2:patch1
vmwarevrealize_suite_lifecycle_manager
8.2:patch2
vmwarevrealize_suite_lifecycle_manager
8.2:patch3
vmwarevrealize_suite_lifecycle_manager
8.3
vmwarevrealize_suite_lifecycle_manager
8.3:patch1
vmwarevrealize_suite_lifecycle_manager
8.3:patch2
vmwarevrealize_suite_lifecycle_manager
8.3:patch3
vmwarevrealize_suite_lifecycle_manager
8.4
vmwarevrealize_suite_lifecycle_manager
8.4:patch1
vmwarevrealize_suite_lifecycle_manager
8.4.1
vmwarevrealize_suite_lifecycle_manager
8.4.1:patch1
vmwarevrealize_suite_lifecycle_manager
8.4.1:patch2
vmwarevrealize_suite_lifecycle_manager
8.4.1:patch3
vmwarevrealize_suite_lifecycle_manager
8.6
vmwarevrealize_suite_lifecycle_manager
8.6:patch1
vmwarevrealize_suite_lifecycle_manager
8.6.1
vmwarevrealize_suite_lifecycle_manager
8.6.2
vmwarevrealize_suite_lifecycle_manager
8.7
vmwarevrealize_suite_lifecycle_manager
8.8
𝑥
= Vulnerable software versions
References
https://www.vmware.com/security/advisories/VMSA-2022-0014.html
https://www.vmware.com/security/advisories/VMSA-2022-0014.html