Is CVE-2022-31656 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Vmware Workspace One Access, Identity Manager And Vrealize Automation

CVE-2022-31656

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access…

EPSS: 0.805 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a Vmware Workspace One Access, Identity Manager And Vrealize Automation — versions Workspace One Access (21.08.0.1 & 21.08.0.0), Identity Manager (vIDM) (3.3.6, 3.3.5 & 3.3.4), and vRealize Automation 7.6

Public proof-of-concept exploits

References

www.vmware.com/security/advisories/VMSA-2022-0021.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-31656?: CVE-2022-31656 is a vulnerability in Vmware Workspace One Access, Identity Manager And Vrealize Automation. Published 2022-08-05.
Is CVE-2022-31656 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.