CVE-2022-22954

CVSS 9.8 CRITICALEPSS 100.0%● KEVCWE-94

Em resumo

VMware Workspace ONE Access e Identity Manager têm uma falha que permite execução remota de código através de injeção de templates. Um atacante na rede pode explorar isso para executar código malicioso no servidor.

Detalhe técnico

Vulnerabilidade de injeção de template no lado do servidor no VMware Workspace ONE Access e Identity Manager permite execução remota de código não autenticada (CVSS 9.8). A falha resulta da falta de validação adequada de entrada no processamento de templates, permitindo que atacantes com acesso de rede injetem diretivas maliciosas que executam código arbitrário com privilégios do servidor.

Resumo gerado e traduzido por IA a partir da descrição oficial.

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Produtos afetados

n/a · VMware Workspace ONE Access and Identity Manager

PoCs públicas encontradas — 26

githubgithub.com/Schira4396/VcenterKiller★ 1475 githubgithub.com/sherlocksecurity/VMware-CVE-2022-22954★ 279 githubgithub.com/bewhale/CVE-2022-22954★ 68 githubgithub.com/tunelko/CVE-2022-22954-PoC★ 16 githubgithub.com/jax7sec/CVE-2022-22954★ 12 githubgithub.com/Vulnmachines/VMWare_CVE-2022-22954★ 11 githubgithub.com/DrorDvash/CVE-2022-22954_VMware_PoC★ 10 githubgithub.com/orwagodfather/CVE-2022-22954★ 8 githubgithub.com/b4dboy17/CVE-2022-22954★ 5 githubgithub.com/aniqfakhrul/CVE-2022-22954★ 4 githubgithub.com/MLX15/CVE-2022-22954★ 4 githubgithub.com/Chocapikk/CVE-2022-22954★ 4 githubgithub.com/axingde/CVE-2022-22954-POC★ 2 githubgithub.com/emilyastranova/VMware-CVE-2022-22954-Command-Injector★ 1 githubgithub.com/mumu2020629/-CVE-2022-22954-scanner★ 1 githubgithub.com/MSeymenD/CVE-2022-22954-Testi★ 1 githubgithub.com/corelight/cve-2022-22954★ 1 githubgithub.com/nguyenv1nK/CVE-2022-22954★ 0 githubgithub.com/mhurts/CVE-2022-22954-POC★ 0 githubgithub.com/secfb/CVE-2022-22954★ 0 githubgithub.com/Jun-5heng/CVE-2022-22954★ 0 githubgithub.com/lucksec/VMware-CVE-2022-22954★ 0 githubgithub.com/arzuozkan/CVE-2022-22954★ 0 githubgithub.com/amit-pathak009/CVE-2022-22954★ 0 githubgithub.com/amit-pathak009/CVE-2022-22954-PoC★ 0 cve_referencepacketstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.htmlnão verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22954 https://www.vmware.com/security/advisories/VMSA-2022-0011.html