CVE-2022-22954

Description from NVD

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.

Information Acquisition Date:2022-10-24T14:49Z
CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

NVD References

 https://www.vmware.com/security/advisories/VMSA-2022-0011.html
     source:MISC
     tags:Vendor Advisory    
 http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: VMware(4 tweets) Windows(2 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...211
https://cvetrends.com55
http://cyberiqs.com/latestnews36
https://lists.astaro.com/ASGV9-IPS-rules.html#027
http://t.me/gobies8
https://thehackernews.com/2022/04/vmware-releases-critical-...6
https://unit42.paloaltonetworks.com/cve-2022-22954-vmware-v...6
https://www.helpnetsecurity.com/2022/04/14/cve-2022-229545
https://us-cert.cisa.gov/ncas/alerts/aa22-138b4
https://blog.morphisec.com/vmware-identity-manager-attack-b...4
https://www.darkreading.com/application-security/critical-v...4
https://cybersecurity.att.com/blogs/labs-research/rapidly-e...4
https://ift.tt/0jkUXZv3
https://youtu.be/HG8jeoEO-mk3
http://github.com/gobysec/GobyVuls3
https://vmware.com/security/advisories/VMSA-2022-0011.html3
https://opsmtrs.com/3CB9DMm3
https://twitter.com/ptswarm/status/15120833278842716193
https://socprime.com/blog/cve-2022-22960-and-cve-2022-22954...3
https://attackerkb.com/topics/BDXyTqY1ld/cve-2022-229543
https://reconshell.com/cve-2022-22954-vmware-rce3
https://www.rapid7.com/blog/post/2022/04/29/widespread-expl...3
https://www.vmware.com/security/advisories/VMSA-2022-0011.html3
https://arstechnica.com/information-technology/2022/10/rans...3
https://www.tenable.com/blog/vmware-patches-multiple-vulner...3
https://www.fortinet.com/blog/threat-research/multiple-malw...3
https://0x7c3.blogspot.com/2022/04/iranian-rocket-kitten-ha...3
https://securityaffairs.co/wordpress/130188/hacking/vmware-...3
https://www.bleepingcomputer.com/news/security/hackers-expl...3
https://ipssignatures.appspot.com/?cve=CVE-2022-229543

Information from Twitter

User URL Info Source Date
CyberWarship https://github.com/rapid7/metasploit-framework/pull/16512 Source CyberWarship     1625807639459336192 2023/02/15
CyberWarship https://twitter.com/CyberWarship/status/1625807639459336192... Source CyberWarship     1625807639459336192 2023/02/15
beingsheerazali https://github.com/rapid7/metasploit-framework/pull/16512 Source beingsheerazali 1625818160908861442 2023/02/15
beingsheerazali https://twitter.com/CyberWarship/status/1625807639459336192... Source beingsheerazali 1625818160908861442 2023/02/15
__kokumoto https://www.securityweek.com/most-weaponized-vulnerabilitie... Source __kokumoto       1641088615957815296 2023/03/29

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com211
cvetrends.com55
cyberiqs.com36
lists.astaro.com27
t.me8
thehackernews.com6
unit42.paloaltonetworks.com6
www.helpnetsecurity.com5
us-cert.cisa.gov4
blog.morphisec.com4
www.darkreading.com4
cybersecurity.att.com4
ift.tt3
youtu.be3
github.com3
vmware.com3
opsmtrs.com3
twitter.com3
socprime.com3
attackerkb.com3
reconshell.com3
www.rapid7.com3
www.vmware.com3
arstechnica.com3
www.tenable.com3
www.fortinet.com3
0x7c3.blogspot.com3
securityaffairs.co3
www.bleepingcomputer.com3
ipssignatures.appspot.com3

Information from Twitter

User URL Info Source
CyberWarship github.com Show Tweet
CyberWarship twitter.com Show Tweet
beingsheerazali github.com Show Tweet
beingsheerazali twitter.com Show Tweet
__kokumoto securityweek.com Show Tweet
GitHub Search Results: Up to 10
NameURL
sherlocksecurity/VMware-CVE-2022-22954 https://github.com/sherlocksecurity/VMware-CVE-2022-22954
bewhale/CVE-2022-22954 https://github.com/bewhale/CVE-2022-22954
jax7sec/CVE-2022-22954 https://github.com/jax7sec/CVE-2022-22954
chaosec2021/CVE-2022-22954-VMware-RCE https://github.com/chaosec2021/CVE-2022-22954-VMware-RCE
tunelko/CVE-2022-22954-PoC https://github.com/tunelko/CVE-2022-22954-PoC
Anonymous-ghost/AttackWebFrameworkTools-5.0 https://github.com/Anonymous-ghost/AttackWebFrameworkTools-5.0
lucksec/VMware-CVE-2022-22954 https://github.com/lucksec/VMware-CVE-2022-22954
MSeymenD/CVE-2022-22954-Testi https://github.com/MSeymenD/CVE-2022-22954-Testi
aniqfakhrul/CVE-2022-22954 https://github.com/aniqfakhrul/CVE-2022-22954
Vulnmachines/VMWare_CVE-2022-22954 https://github.com/Vulnmachines/VMWare_CVE-2022-22954
GitHub Search Results: Up to 10
NameURL
sherlocksecurity/VMware-CVE-2022-22954 github.com
bewhale/CVE-2022-22954 github.com
jax7sec/CVE-2022-22954 github.com
chaosec2021/CVE-2022-22954-VMware-RCE github.com
tunelko/CVE-2022-22954-PoC github.com
Anonymous-ghost/AttackWebFrameworkTools-5.0 github.com
lucksec/VMware-CVE-2022-22954 github.com
MSeymenD/CVE-2022-22954-Testi github.com
aniqfakhrul/CVE-2022-22954 github.com
Vulnmachines/VMWare_CVE-2022-22954 github.com
2023/03/29 Score : 2
Added Har-sia Database : 2022/04/07
Last Modified : 2023/03/29
Highest Scored Date : 2022/04/14
Highest Score : 133