VMware has published a Security Advisory to address vulnerabilities in multiple products. One of these vulnerabilities has a CVSSv3 score of 9.8 and could result in administrative access via authentication bypass. Patches are available to remediate these vulnerabilities in affected VMware products.

The following products are affected:

  • VMware Cloud Foundation – multiple versions
  • VMware Identity Manager – multiple versions
  • VMware vRealize Automation – versions 7.6 and 8.x
  • VMware vRealize Suite Lifecycle Manager – versions 8.x
  • VMware Workspace ONE Access – multiple versions

What should I do?

The link below contains further details on the vulnerabilities and information for patching. Customers are encouraged to patch their systems as soon as possible.

VMWare.com

Additional Resource: Canadian Centre for Cyber Security

Please help us improve our website by providing your feedback