Statement on CVE 2022-22954 VMware Vulnerability

July 14, 2022

Information

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.

Risk

Low

Response

Melissa Data Corporation (“Melissa”) was not impacted by the VMware vulnerabilities as Melissa does not utilize any of the impacted VMware products.

Melissa will continue to follow all guidance provided for this vulnerability as necessary to prevent any future risks.