Goby/json/VMware-Workspace-ONE-Access...


{
"Name": "VMware Workspace ONE Access & Identity Manager Remote Code Execution (CVE-2022-22954)",
"Description": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE is an intelligence-driven digital workspace platform that lets you deliver and manage applications anywhere, anytime, on any device, in a simple and secure way.<br></span></p><p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE Access and Identity Manager have a remote command execution vulnerability caused by server-side template injection, which unauthenticated attackers can exploit to execute arbitrary code remotely.</span><br></p>",
"Product": "VMware Workspace ONE Access",
"Homepage": "https://docs.vmware.com/cn/VMware-Workspace-ONE-Access/index.html",
"DisclosureDate": "2022-04-06",
"Author": "su18@javaweb.org",
"FofaQuery": "(title=\"VMware Identity Manager\" || (body=\"/cfg/help/getHelpLink\" && body=\"<h2>VMware Identity Manager Portal\"))||(banner=\"Location: /workspaceone/index.html\" || (banner=\"Location: /SAAS/apps/\" && banner=\"Content-Length: 0\") || (title=\"Workspace ONE Access\" && (body=\"content=\\\"VMware, Inc.\" || body=\"<div class=\\\"admin-header-org\\\">Workspace ONE Access</div>\")) || title=\"VMware Workspace ONE® Assist\")",
"GobyQuery": "(title=\"VMware Identity Manager\" || (body=\"/cfg/help/getHelpLink\" && body=\"<h2>VMware Identity Manager Portal\"))||(banner=\"Location: /workspaceone/index.html\" || (banner=\"Location: /SAAS/apps/\" && banner=\"Content-Length: 0\") || (title=\"Workspace ONE Access\" && (body=\"content=\\\"VMware, Inc.\" || body=\"<div class=\\\"admin-header-org\\\">Workspace ONE Access</div>\")) || title=\"VMware Workspace ONE® Assist\")",
"Level": "3",
"Impact": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE Access and Identity Manager have a remote command execution vulnerability caused by server-side template injection, which unauthenticated attackers can exploit to execute arbitrary code remotely.</span><br></p>",
"Recommendation": "<p>The vendor has released an updated patch. For details, see:</p><p><a href=\"https://kb.vmware.com/s/article/88099\">https://kb.vmware.com/s/article/88099</a></p>",
"References": [
"https://fofa.so/"
],
"Is0day": true,
"HasExp": true,
"ExpParams": [
{
"name": "cmd",
"type": "input",
"value": "whoami",
"show": ""
}
],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"ExploitSteps": null,
"Tags": [
"rce"
],
"VulType": [
"rce"
],
"CVEIDs": [
"CVE-2022-22954"
],
"CNNVD": [
""
],
"CNVD": [
""
],
"CVSSScore": "9.8",
"Translation": {
"CN": {
"Name": "VMware Workspace ONE Access 及 Identity Manager 任意命令执行漏洞CVE-2022-22954",
"Product": "VMware Workspace ONE Access",
"Description": "<p><span style=\"font-size: 10pt;\">VMware Workspace ONE 是一款智慧导向的数位工作区平台,可让您随时随地在任何装置上以简单又安全的方式,交付及管理各种应用程式。<br></span></p><p><span style=\"font-size: 10pt;\">VMware Workspace ONE Access </span><span style=\"font-size: 10pt;\">及 </span><span style=\"font-size: 10pt;\">Identity Manager </span><span style=\"font-size: 10pt;\">存在一个由服务器模板注入导致的远程命令执行漏洞,未经身份验证的攻击者可以利用此漏洞进行远程任意代码执行。&nbsp;</span></p><p>\t\t\t\t\t</p><p>\t\t\t\t</p><p>\t\t\t</p><p>\t\t</p>",
"Recommendation": "<p>目前官方已经发布更新补丁,请关注:</p><p><a href=\"https://kb.vmware.com/s/article/88099\">https://kb.vmware.com/s/article/88099</a><br></p>",
"Impact": "<p><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">VMware Workspace ONE Access&nbsp;</span><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">及&nbsp;</span><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">Identity Manager&nbsp;</span><span style=\"color: rgb(22, 51, 102); font-size: 10pt;\">存在一个由服务器模板注入导致的远程命令执行漏洞,未经身份验证的攻击者可以利用此漏洞进行远程任意代码执行。&nbsp;</span><br></p>",
"VulType": [
"命令执行"
],
"Tags": [
"命令执行"
]
},
"EN": {
"Name": "VMware Workspace ONE Access & Identity Manager Remote Code Execution (CVE-2022-22954)",
"Product": "VMware Workspace ONE Access",
"Description": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE is an intelligence-driven digital workspace platform that lets you deliver and manage applications anywhere, anytime, on any device, in a simple and secure way.<br></span></p><p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE Access and Identity Manager have a remote command execution vulnerability caused by server-side template injection, which unauthenticated attackers can exploit to execute arbitrary code remotely.</span><br></p>",
"Recommendation": "<p>The vendor has released an updated patch. For details, see:</p><p><a href=\"https://kb.vmware.com/s/article/88099\">https://kb.vmware.com/s/article/88099</a></p>",
"Impact": "<p><span style=\"color: rgb(0, 0, 0); font-size: 16px;\">VMware Workspace ONE Access and Identity Manager have a remote command execution vulnerability caused by server-side template injection, which unauthenticated attackers can exploit to execute arbitrary code remotely.</span><br></p>",
"VulType": [
"Command Execution"
],
"Tags": [
"Command Execution"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}