Login
    Contents x
    Impact of VMware Vulnerabilities on Pharos Products - May 2022
    • 05 Apr 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Impact of VMware Vulnerabilities on Pharos Products - May 2022

    • Updated on 05 Apr 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Impact of VMware Vulnerabilities on Pharos products

    Pharos is NOT impacted by the following VMware vulnerabilities:

    • CVE-2022-22954: A remote code execution vulnerability that could enable a malicious actor with network access to trigger a server-side template injection that may result in an RCE

    • CVE-2022-22960: A privilege escalation flaw that could enable a malicious actor with root access to wipe logs, escalate permissions and move laterally to other systems

    • CVE-2022-22972: An authentication bypass vulnerability that could allow a malicious actor with network access to the UI to obtain administrative access without the need to authenticate

    • CVE-2022-22973: A local privilege escalation vulnerability that could allow a malicious actor with local access to escalate privileges to ‘root’

    Pharos solutions do NOT use any of the vulnerable VMware products:

    • VMware Workspace ONE Access (Access)

    • VMware Identity Manager (vIDM)

    • VMware vRealize Automation (vRA)

    • VMware Cloud Foundation

    • vRealize Suite Lifecycle Manager

    Was this article helpful?
    Related articles
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout