VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
CVSS Details
- CVSS 3.1 Base Score: 7.8
- CVSS 3.1 Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Covered by Rapid7
| Product | Vendor Advisory | Solution File | Added | Published |
|---|---|---|---|---|
| Vmsa 2022 0011 | vmware-workspace-one-access-upgrade-20_10_0_0_17035009vmware-workspace-one-access-upgrade-20_10_0_1_17586971vmware-workspace-one-access-upgrade-21_08_0_0_18530336vmware-workspace-one-access-upgrade-21_08_0_1_19010796 | Apr 11, 2022 | Apr 11, 2022 |
Prioritise with Active Threat Intelligence
With curated Threat Intelligence, you can see which vulnerabilities truly put you at risk, prioritize what matters most, and act before attackers do.
Explore Intelligence Hub