VMware has released security updates and workarounds to address multiple security vulnerabilities (CVE-2022-22954, CVE-2022-22955,CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961) in VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM),VMware vRealize Automation (vRA), VMware Cloud Foundation, vRealize Suite Lifecycle Manager products. An attacker could exploit some of these vulnerabilities to trigger cross site scripting, elevation of privilege, remote code execution, security restriction bypass and information disclosure on the target system.

More information on vulnerabilities and updates is available in VMware security advisory – VMSA-2022-0011.