ioc[.]one - OSINT Cyber Threat Intelligence Database

Critical VMware Authentication Bypass and RCE Vulnerabilities: CVE-2022-31656 and CVE-2022-31659

Tags

country:	Jersey
attack-pattern:	Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	f6083b7c-bebc-4674-9416-8abe1bf4e0a1
Fingerprint	f446641629e7fa4b
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 10, 2022, 7:43 p.m.
Added to db	Nov. 6, 2023, 6:31 p.m.
Last updated	Nov. 12, 2024, 11:50 a.m.
Headline	Critical VMware Authentication Bypass and RCE Vulnerabilities: CVE-2022-31656 and CVE-2022-31659
Title	Critical VMware Authentication Bypass and RCE Vulnerabilities: CVE-2022-31656 and CVE-2022-31659
Detected Hints/Tags/Attributes	44/2/20

Source URLs

	Redirection	Url
Details	Source	https://research.kudelskisecurity.com/2022/08/10/critical-vmware-authentication-bypass-and-rce-vulnerabilities-cve-2022-31656-and-cve-2022-31659/

URL Provider

Details	Provider	Source level domain
Details	kudelskisecurity.com	research.kudelskisecurity.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	205	✔	Kudelski Security Research	https://research.kudelskisecurity.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	8	cve-2022-31656
Details	CVE	8	cve-2022-31659
Details	CVE	8	cve-2022-22972
Details	Domain	150	www.vmware.com
Details	Domain	39	kb.vmware.com
Details	Domain	6	blog.assetnote.io
Details	File	2	urlrewrite.xml
Details	File	2	localpasswordauthadapter.log
Details	File	2	vmsa-2022-0021.html
Details	File	1	view-active-admin-users.sql
Details	File	1	view-active-local-users.sql
Details	File	1	disable_all_local_users.sql
Details	Url	2	https://www.vmware.com/security/advisories/vmsa-2022-0021.html
Details	Url	2	https://kb.vmware.com/s/article/88433
Details	Url	1	https://www.greynoise.io/blog/vmware-workspace-one-vulnerabilities-cve-2022-31656-and-cve-2022-31659
Details	Url	1	https://www.bleepingcomputer.com/news/security/vmware-warns-of-public-exploit-for-critical-auth-bypass-vulnerability
Details	Url	1	https://blog.assetnote.io/2022/05/27/understanding-cve-2022-22972-vmware-workspace-one-access
Details	Url	1	https://research.kudelskisecurity.com/2022/05/20/high-severity-vmware-vulnerabilities-under-active-exploitation
Details	Url	1	https://www.tenable.com/blog/cve-2022-31656-vmware-patches-several-vulnerabilities-in-multiple-products-vmsa-2022-0021
Details	Url	1	https://petrusviet.medium.com/dancing-on-the-architecture-of-vmware-workspace-one-access-eng-ad592ae1b6dd