admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

add CVE-2022-22954

Browse Source
This commit is contained in:
gaopeng2 2022-04-11 16:58:13 +08:00
parent 2a9bab9172
commit 6759eab2ed
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
VMware/CVE-2022-22954/CVE-2022-22954.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 MiB

10
VMware/CVE-2022-22954/README.md Normal file
View File

@ -0,0 +1,10 @@
# VMware Workspace ONE Access & Identity Manager Remote Code Execution (CVE-2022-22954)
<span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE is an intelligence-driven digital workspace platform that lets you deliver and manage applications anywhere, anytime, on any device, in a simple and secure way. <span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware workspace one access and Identity Manager have a remote command execution vulnerability caused by server template injection, which can be exploited by unauthenticated attackers for remote arbitrary code execution.
FOFA **query rule**: [app="vmware-Workspace-ONE-Access" || app="vmware-Identity-Manager"](https://fofa.info/result?qbase64=YXBwPSJ2bXdhcmUtV29ya3NwYWNlLU9ORS1BY2Nlc3MifHxhcHA9InZtd2FyZS1JZGVudGl0eS1NYW5hZ2VyIg%3D%3D)
# Demo
![CVE-2022-22954](CVE-2022-22954.gif)