Lucene search
VmwareCVELIST:CVE-2022-22958HistoryApr 13, 2022 - 5:05 p.m.
CVE-2022-22958
2022-04-1317:05:58
vmware
www.cve.org
1
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.
CNA Affected
[
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
]Related
nvd
nvd
CVE-2022-22958
2022-04-13 18:15:13
CVE-2022-22957
2022-04-13 18:15:13
prion
prion
Deserialization of untrusted data
2022-04-13 18:15:00
Deserialization of untrusted data
2022-04-13 18:15:00
cvelist
cvelist
CVE-2022-22957
2022-04-13 00:00:00
cve
cve
CVE-2022-22957
2022-04-13 18:15:13
CVE-2022-22958
2022-04-13 18:15:13
srcincite
srcincite
SRC-2022-0008 : VMware Workspace ONE Access ApplicationSetupController dbTestConnection JDBC Injection Remote Code Execution Vulnerability
2022-02-25 00:00:00
thn
thn
nessus
nessus
vmware
vmware
zdt
zdt
VMware Workspace ONE Remote Code Execution Exploit
2023-04-18 00:00:00
metasploit
metasploit
VMware Workspace ONE Access VMSA-2022-0011 exploit chain
2023-04-06 03:10:34
packetstorm
packetstorm
Mware Workspace ONE Remote Code Execution
2023-04-18 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2023-04-21 18:02:40
hivepro
hivepro
Weekly Threat Digest: 11 – 17 April 2022
2022-04-21 04:59:07