Lucene search
K

4 matches found

Metasploit
Metasploit
added 2023/04/18 7:43 p.m.324 views

VMware Workspace ONE Access VMSA-2022-0011 exploit chain

This module combines two vulnerabilities in order achieve remote code execution in the context of the horizon user. The first vulnerability CVE-2022-22956 is an authentication bypass in OAuth2TokenResourceController ACS which allows a remote, unauthenticated attacker to bypass the authentication...

9.8CVSS9.4AI score0.50694EPSS
Exploits7
0day.today
0day.today
added 2023/04/18 12:0 a.m.409 views

VMware Workspace ONE Remote Code Execution Exploit

This Metasploit module combines two vulnerabilities in order achieve remote code execution in the context of the horizon user. The first vulnerability, CVE-2022-22956, is an authentication bypass in OAuth2TokenResourceController ACS which allows a remote, unauthenticated attacker to bypass the...

9.8CVSS9.5AI score0.50694EPSS
Exploits13
Source Incite
Source Incite
added 2022/02/25 12:0 a.m.77 views

SRC-2022-0010 : VMware Workspace ONE Access DBConnectionCheckController Cross-Site Request Forgery Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workspace ONE Access. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

4.3CVSS7.1AI score0.00497EPSS
Exploits1
Source Incite
Source Incite
added 2022/02/25 12:0 a.m.134 views

SRC-2022-0009 : VMware Workspace ONE Access DBConnectionCheckController dbCheck JDBC Injection Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workspace ONE Access. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

7.2CVSS8.6AI score0.23084EPSS
Exploits5
Rows per page
Query Builder