mirror of https://github.com/qwqdanchun/Goby.git
83 lines
5.8 KiB
JSON
83 lines
5.8 KiB
JSON
{
|
||
"Name": "VMware Workspace ONE Access & Identity Manager Remote Code Execution (CVE-2022-22954)",
|
||
"Description": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE is an intelligence-driven digital workspace platform that lets you deliver and manage applications anywhere, anytime, on any device, in a simple and secure way.<br></span></p><p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware workspace one access and Identity Manager have a remote command execution vulnerability caused by server template injection, which can be exploited by unauthenticated attackers for remote arbitrary code execution.</span><br></p>",
|
||
"Product": "VMware Workspace ONE Access",
|
||
"Homepage": "https://docs.vmware.com/cn/VMware-Workspace-ONE-Access/index.html",
|
||
"DisclosureDate": "2022-04-06",
|
||
"Author": "su18@javaweb.org",
|
||
"FofaQuery": "(title=\"VMware Identity Manager\" || (body=\"/cfg/help/getHelpLink\" && body=\"<h2>VMware Identity Manager Portal\"))||(banner=\"Location: /workspaceone/index.html\" || (banner=\"Location: /SAAS/apps/\" && banner=\"Content-Length: 0\") || (title=\"Workspace ONE Access\" && (body=\"content=\\\"VMware, Inc.\" || body=\"<div class=\\\"admin-header-org\\\">Workspace ONE Access</div>\")) || title=\"VMware Workspace ONE® Assist\")",
|
||
"GobyQuery": "(title=\"VMware Identity Manager\" || (body=\"/cfg/help/getHelpLink\" && body=\"<h2>VMware Identity Manager Portal\"))||(banner=\"Location: /workspaceone/index.html\" || (banner=\"Location: /SAAS/apps/\" && banner=\"Content-Length: 0\") || (title=\"Workspace ONE Access\" && (body=\"content=\\\"VMware, Inc.\" || body=\"<div class=\\\"admin-header-org\\\">Workspace ONE Access</div>\")) || title=\"VMware Workspace ONE® Assist\")",
|
||
"Level": "3",
|
||
"Impact": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware workspace one access and Identity Manager have a remote command execution vulnerability caused by server template injection, which can be exploited by unauthenticated attackers for remote arbitrary code execution.</span><br></p>",
|
||
"Recommendation": "<p>At present, the official has released an updated patch. Please pay attention to:</p><p><a href=\"https://kb.vmware.com/s/article/88099\">https://kb.vmware.com/s/article/88099</a></p>",
|
||
"References": [
|
||
"https://fofa.so/"
|
||
],
|
||
"Is0day": true,
|
||
"HasExp": true,
|
||
"ExpParams": [
|
||
{
|
||
"name": "cmd",
|
||
"type": "input",
|
||
"value": "whoami",
|
||
"show": ""
|
||
}
|
||
],
|
||
"ExpTips": {
|
||
"Type": "",
|
||
"Content": ""
|
||
},
|
||
"ScanSteps": null,
|
||
"ExploitSteps": null,
|
||
"Tags": [
|
||
"rce"
|
||
],
|
||
"VulType": [
|
||
"rce"
|
||
],
|
||
"CVEIDs": [
|
||
"CVE-2022-22954"
|
||
],
|
||
"CNNVD": [
|
||
""
|
||
],
|
||
"CNVD": [
|
||
""
|
||
],
|
||
"CVSSScore": "9.8",
|
||
"Translation": {
|
||
"CN": {
|
||
"Name": "VMware Workspace ONE Access 及 Identity Manager 任意命令执行漏洞(CVE-2022-22954)",
|
||
"Product": "VMware Workspace ONE Access",
|
||
"Description": "<p><span style=\"font-size: 10pt;\">VMware Workspace ONE 是一款智慧导向的数位工作区平台,可让您随时随地在任何装置上以简单又安全的方式,交付及管理各种应用程式。<br></span></p><p><span style=\"font-size: 10pt;\">VMware Workspace ONE Access </span><span style=\"font-size: 10pt;\">及 </span><span style=\"font-size: 10pt;\">Identity Manager </span><span style=\"font-size: 10pt;\">存在一个由服务器模板注入导致的远程命令执行漏洞,未经身份验证的攻击者可以利用此漏洞进行远程任意代码执行。 </span></p><p>\t\t\t\t\t</p><p>\t\t\t\t</p><p>\t\t\t</p><p>\t\t</p>",
|
||
"Recommendation": "<p>目前官方已经发布更新补丁,请关注:</p><p><a href=\"https://kb.vmware.com/s/article/88099\">https://kb.vmware.com/s/article/88099</a><br></p>",
|
||
"Impact": "<p><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">VMware Workspace ONE Access </span><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">及 </span><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">Identity Manager </span><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">存在一个由服务器模板注入导致的远程命令执行漏洞,未经身份验证的攻击者可以利用此漏洞进行远程任意代码执行。 </span><br></p>",
|
||
"VulType": [
|
||
"命令执⾏"
|
||
],
|
||
"Tags": [
|
||
"命令执⾏"
|
||
]
|
||
},
|
||
"EN": {
|
||
"Name": "VMware Workspace ONE Access & Identity Manager Remote Code Execution (CVE-2022-22954)",
|
||
"Product": "VMware Workspace ONE Access",
|
||
"Description": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE is an intelligence-driven digital workspace platform that lets you deliver and manage applications anywhere, anytime, on any device, in a simple and secure way.<br></span></p><p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware workspace one access and Identity Manager have a remote command execution vulnerability caused by server template injection, which can be exploited by unauthenticated attackers for remote arbitrary code execution.</span><br></p>",
|
||
"Recommendation": "<p>At present, the official has released an updated patch. Please pay attention to:</p><p><a href=\"https://kb.vmware.com/s/article/88099\">https://kb.vmware.com/s/article/88099</a></p>",
|
||
"Impact": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware workspace one access and Identity Manager have a remote command execution vulnerability caused by server template injection, which can be exploited by unauthenticated attackers for remote arbitrary code execution.</span><br></p>",
|
||
"VulType": [
|
||
"Command Execution"
|
||
],
|
||
"Tags": [
|
||
"Command Execution"
|
||
]
|
||
}
|
||
},
|
||
"AttackSurfaces": {
|
||
"Application": null,
|
||
"Support": null,
|
||
"Service": null,
|
||
"System": null,
|
||
"Hardware": null
|
||
}
|
||
} |