VMware Tanzu Isolation Segment update for linux-pam
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-28321 |
| CWE-ID | CWE-863 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Platform Automation Toolkit Other software / Other software solutions |
| Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Incorrect authorization
EUVDB-ID: #VU71525
Risk: Medium
CVSSv4.0: 5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-28321
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authorization process.
The vulnerability exists due to an error within the pam_access.so module in Linux-PAM package, which does not correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. A remote attacker can bypass authorization process and login to the system via SSH from IP addresses that were not allowed to connect from.
Install update from vendor's website.
Vulnerable software versionsPlatform Automation Toolkit: before 4.4.31
CPE2.3 External linkshttps://tanzu.vmware.com/security/usn-5825-1
https://tanzu.vmware.com/security/usn-5825-2
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
