CVE-2022-22957 – VMware Workspace ONE Remote Code Execution
https://notcve.org/view.php?id=CVE-2022-22957
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution. VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen dos vulnerabilidades de ejecución de código remota (CVE-2022-22957 y CVE-2022-22958). Un actor malicioso con acceso administrativo puede desencadenar la deserialización de datos no confiables mediante un URI JDBC malicioso que puede resultar en una ejecución de código remota • http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html https://www.vmware.com/security/advisories/VMSA-2022-0011.html https://srcincite.io/blog/2022/08/11/i-am-whoever-i-say-i-am-infiltrating-vmware-workspace-one-access-using-a-0-click-exploit.html#dbconnectioncheckcontroller-dbcheck-jdbc-injection-remote-code-execution https://github.com/sourceincite/hekate • CWE-502: Deserialization of Untrusted Data •
CVE-2022-22960 – VMware Multiple Products Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-22960
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'. VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen una vulnerabilidad de escalada de privilegios debido a permisos inapropiados en scripts de soporte. Un actor malicioso con acceso local puede escalar los privilegios a "root" VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. • http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html https://www.vmware.com/security/advisories/VMSA-2022-0011.html https://srcincite.io/blog/2022/08/11/i-am-whoever-i-say-i-am-infiltrating-vmware-workspace-one-access-using-a-0-click-exploit.html#dbconnectioncheckcontroller-dbcheck-jdbc-injection-remote& • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2022-22948 – VMware vCenter Server Incorrect Default File Permissions Vulnerability
https://notcve.org/view.php?id=CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information. vCenter Server contiene una vulnerabilidad de divulgación de información debido a un permiso inapropiado de los archivos. Un actor malicioso con acceso no administrativo al vCenter Server puede explotar este problema para conseguir acceso a información confidencial VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information. • https://github.com/PenteraIO/CVE-2022-22948 https://www.vmware.com/security/advisories/VMSA-2022-0009.html • CWE-276: Incorrect Default Permissions •
CVE-2022-22945
https://notcve.org/view.php?id=CVE-2022-22945
VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root. VMware NSX Edge contiene una vulnerabilidad de inyección de shell CLI. Un actor malicioso con acceso SSH a un dispositivo NSX-Edge puede ejecutar comandos arbitrarios en el sistema operativo como root • https://www.vmware.com/security/advisories/VMSA-2022-0005.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2021-22050
https://notcve.org/view.php?id=CVE-2021-22050
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests. ESXi contiene una vulnerabilidad de denegación de servicio HTTP POST lenta en rhttpproxy. Un actor malicioso con acceso a la red de ESXi puede explotar este problema para crear una condición de denegación de servicio al abrumar el servicio rhttpproxy con múltiples peticiones • https://www.vmware.com/security/advisories/VMSA-2022-0004.html • CWE-770: Allocation of Resources Without Limits or Throttling •