CVE-2022-22954 Report - Details, Severity, & Advisories

Twingate Team

Jan 25, 2024

CVE-2022-22954 is a critical vulnerability affecting VMware Workspace ONE Access, Identity Manager, and vRealize Automation. It allows a malicious actor with network access to execute remote code due to server-side template injection. The severity of this vulnerability is rated as 9.8 on the CVSS 3.x scale and 10.0 on the CVSS 2.0 scale. The types of systems impacted include VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, and Linux Kernel.

How do I know if I'm affected?

To determine if you're affected by the vulnerability, check if you're using any of the following software: VMware Identity Manager, VMware vRealize Automation, VMware Workspace ONE Access, VMware Cloud Foundation, or VMware vRealize Suite Lifecycle Manager. The vulnerability impacts specific versions of these products, so it's essential to verify your software version.

What should I do if I'm affected?

If you're affected by the vulnerability, immediately apply the patches provided by VMware for your specific software version. You can find these patches in the "Fixed Version" column of the Resolution Matrix. Additionally, follow any available workarounds documented in the VMware Knowledge Base articles. Stay updated with VMware Security Advisories and sign up for notifications.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, the CVE-2022-22954 vulnerability is in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability is called VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability. It was added to the catalog on April 14, 2022, with a due date of May 5, 2022. The required action is to apply updates according to vendor instructions.
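A catalog entry like this can be joined against scanner output to show which hosts are past the due date. The following is an added example, not part of the original report: the JSON mirrors the shape of CISA's KEV feed using the values quoted above, while the second catalog entry, the host names, and the scan results are constructed placeholders.

```python
import json
from datetime import date

# Constructed sample in the shape of the KEV JSON feed. The CVE-2022-22954
# values are the ones quoted in this report; the second entry is a placeholder.
KEV_SAMPLE = """
{"vulnerabilities": [
  {"cveID": "CVE-2022-22954",
   "vulnerabilityName": "VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability",
   "dateAdded": "2022-04-14",
   "dueDate": "2022-05-05",
   "requiredAction": "Apply updates according to vendor instructions."},
  {"cveID": "CVE-0000-00000",
   "vulnerabilityName": "Placeholder entry (constructed)",
   "dateAdded": "2022-04-20",
   "dueDate": "2022-05-11",
   "requiredAction": "Placeholder"}
]}
"""

# Hypothetical vulnerability-scanner output: open CVEs per host.
SCAN_RESULTS = [
    {"host": "idm01.example.internal", "open_cves": ["CVE-2022-22954"]},
    {"host": "vra02.example.internal", "open_cves": ["CVE-2022-22954", "CVE-0000-00000"]},
    {"host": "web03.example.internal", "open_cves": ["CVE-0000-11111"]},
]

def kev_findings(kev_json, scan_results, today):
    """Return open findings that appear in the KEV catalog, most overdue first."""
    catalog = {v["cveID"]: v for v in json.loads(kev_json)["vulnerabilities"]}
    findings = []
    for asset in scan_results:
        for cve in asset["open_cves"]:
            entry = catalog.get(cve)
            if entry is None:  # open CVE that is not in the catalog
                continue
            due = date.fromisoformat(entry["dueDate"])
            findings.append({
                "host": asset["host"], "cve": cve, "due": due,
                "days_overdue": max((today - due).days, 0),
                "action": entry["requiredAction"],
            })
    findings.sort(key=lambda f: (-f["days_overdue"], f["host"]))
    return findings

if __name__ == "__main__":
    for f in kev_findings(KEV_SAMPLE, SCAN_RESULTS, date(2022, 5, 10)):
        print(f["host"], f["cve"], "due", f["due"], "overdue", f["days_overdue"], "days")
```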

Weakness enumeration

This vulnerability is classified as CWE-94 (Improper Control of Generation of Code), a weakness that lets attackers exploit server-side template injection and potentially execute remote code.

For more details

CVE-2022-22954 is a critical vulnerability affecting various VMware products, with potential for remote code execution due to server-side template injection. To gain a deeper understanding of its description, severity, technical details, and affected software configurations, explore the NVD page or the links below.
