VMware Workspace ONE Access VMSA-2022-0011 exploit chain

This module combines two vulnerabilities in order achieve remote code execution in the context of the horizon user. The first vulnerability CVE-2022-22956 is an authentication bypass in OAuth2TokenResourceController ACS which allows a remote, unauthenticated attacker to bypass the authentication...

SRC-2022-0023 : VMWare Workspace ONE Access ClaimTransformationHelper validateClaimRuleCondition Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMWare Workspace ONE Access. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

VMware Workspace ONE Access Privilege Escalation Exploit

VMware Workspace ONE Access contains a vulnerability whereby the horizon user can escalate their privileges to those of the root user by modifying a file and then restarting the vmware-certproxy service which invokes it. The service control is permitted via the sudo configuration without a...

VMware Workspace ONE Access Template Injection / Command Execution Exploit

This Metasploit module exploits CVE-2022-22954, an unauthenticated server-side template injection SSTI vulnerability in VMware Workspace ONE Access, to execute shell commands as the horizon user. This module requires Metasploit: https://metasploit.com/download Current source:...

VMware Workspace ONE Access CVE-2022-22954

This module exploits CVE-2022-22954, an unauthenticated server-side template injection SSTI in VMware Workspace ONE Access, to execute shell commands as the "horizon" user. Module Options msf use exploit/linux/http/vmwareworkspaceoneaccesscve202222954 msf exploitvmwareworkspaceoneaccesscve2022229...

CVE-2022-22960

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to ‘root’. Recent assessments: zeroSteiner at May 23, 2022 1:41pm UTC...

SRC-2022-0008 : VMware Workspace ONE Access ApplicationSetupController dbTestConnection JDBC Injection Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workspace ONE Access. Authentication is required to exploit this vulnerability. The specific flaw exists within ApplicationSetupController class. The issue results from...

SRC-2022-0007 : VMware Workspace ONE Access OAuth2ActivateResource ACS Authentication Bypass Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to bypass authentication on affected installations of VMware Workspace ONE Access. Authentication is not required to exploit this vulnerability. The specific flaw exists within OAuth2ActivateResource class. The issue results from t...