ID 51468
Created Apr 12, 2022
Updated May 13, 2022
Severity dark-circle dark-circle dark-circle dark-circle dark-circle
Coverage switch-on-logo IPS (Regular DB)
switch-on-logo IPS (Extended DB)
Default Action drop
Active switch-on-logo
Affected OS Windows, Linux
Affected App Other

Legend

Active/Available switch-on-logo
InActive/Not Available switch-off-logo

Update History

Date Version Detail
2022-05-16 20.316 Default_action:pass:drop
2022-04-13 20.297

Threat Encyclopedia

VMware.Workspace.ONE.Access.Catalog.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt against an Server Side Template Injection vulnerability in VMware Workspace ONE Access and Identity Manager.
The vulnerability is due to insufficient sanitizing of user supplied custom templates. A remote attacker can exploit this to execute arbitrary code within the context of the target system.

affected-products-logoAffected Products

VMware Workspace ONE Access 20.10.0.1, 20.10.0.0, 21.08.0.1, 21.08.0.0
VMware Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3
VMware Cloud Foundation (vIDM) 4.x
vRealize Suite Lifecycle Manager (vIDM) 8.x

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.vmware.com/security/advisories/VMSA-2022-0011.html

CVE References

CVE-2022-22954

Other References

https://www.vmware.com/security/advisories/VMSA-2022-0011.html

Telemetry logoTelemetry