VMware Authentication Bypass Vulnerability [CVE-2022-22972]

web
We discussed this vulnerability as part of our weekly podcast on 31 May 2022

Honestly, this is a bit of a crazy issue to see, during Login, if the LocalPasswordAuthAdapter gets used, it will attempt to validate the login credentials with whatever host is in the Host header, an attacker can often control this header completely. And so by pointing the header to a domain the attacker controls they can setup a server that will respond with an HTTP 200 to the authentication request allowing the attacker to login.