VMware Releases Critical Patches for New Vulnerabilities Affecting Multiple Products

From thehackernews.com

VMware has released security updates to patch eight vulnerabilities spanning its products, some of which could be exploited to launch remote code execution attacks.

Tracked from CVE-2022-22954 to CVE-2022-22961 (CVSS scores: 5.3 – 9.8), the issues impact VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager.

Five of the eight bugs are rated Critical, two are rated Important, and one is rated Moderate in severity. Credited with reporting all the vulnerabilities is Steven Seeley of Qihoo 360 Vulnerability Research Institute.

Read more…