Authentication Bypass Vulnerabilities in VMware Workspace ONE Access
CVE-2022-22955
9.8CRITICAL
What is CVE-2022-22955?
VMware Workspace ONE Access is susceptible to two authentication bypass vulnerabilities that may allow malicious actors to exploit exposed endpoints in the OAuth2 ACS framework. This could enable them to bypass authentication measures and perform unauthorized operations, compromising the security of systems relying on this platform. Organizations using Workspace ONE Access should be aware of these vulnerabilities and take appropriate measures to mitigate any potential risks.
Affected Version(s)
VMware Workspace ONE Access Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0.