VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.
Published 2022-04-13 18:15:13
Updated 2023-04-19 00:15:08
Source VMware
View at NVD,   CVE.org
Vulnerability category: Execute code

Products affected by CVE-2022-22957

Exploit prediction scoring system (EPSS) score for CVE-2022-22957

2.03%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2022-22957

  • VMware Workspace ONE Access VMSA-2022-0011 exploit chain
    Disclosure Date: 2022-04-06
    First seen: 2023-09-11
    exploit/linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain
    This module combines two vulnerabilities in order achieve remote code execution in the context of the `horizon` user. The first vulnerability CVE-2022-22956 is an authentication bypass in OAuth2TokenResourceController ACS which allows a remote, unauthenticated attacker

CVSS scores for CVE-2022-22957

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
6.5
MEDIUM AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
NIST
7.2
HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1.2
5.9
NIST

CWE ids for CVE-2022-22957

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!