CVE-2022-22960 – VMware Multiple Products Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-22960
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'. VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen una vulnerabilidad de escalada de privilegios debido a permisos inapropiados en scripts de soporte. Un actor malicioso con acceso local puede escalar los privilegios a "root" VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. • http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html https://www.vmware.com/security/advisories/VMSA-2022-0011.html https://srcincite.io/blog/2022/08/11/i-am-whoever-i-say-i-am-infiltrating-vmware-workspace-one-access-using-a-0-click-exploit.html#dbconnectioncheckcontroller-dbcheck-jdbc-injection-remote& • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2022-22954 – VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-22954
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution. VMware Workspace ONE Access y Identity Manager contienen una vulnerabilidad de ejecución de código remota debido a una inyección de plantillas del lado del servidor. Un actor malicioso con acceso a la red puede desencadenar una inyección de plantillas del lado del servidor que puede resultar en la ejecución de código remota VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection. • https://github.com/sherlocksecurity/VMware-CVE-2022-22954 https://github.com/bewhale/CVE-2022-22954 https://github.com/MLX15/CVE-2022-22954 https://github.com/orwagodfather/CVE-2022-22954 https://github.com/jax7sec/CVE-2022-22954 https://github.com/secfb/CVE-2022-22954 https://github.com/tunelko/CVE-2022-22954-PoC https://github.com/bb33bb/CVE-2022-22954-VMware-RCE https://github.com/aniqfakhrul/CVE-2022-22954 https://github.com/b4dboy17/CVE-2022-22954 https://githu • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-22948 – VMware vCenter Server Incorrect Default File Permissions Vulnerability
https://notcve.org/view.php?id=CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information. vCenter Server contiene una vulnerabilidad de divulgación de información debido a un permiso inapropiado de los archivos. Un actor malicioso con acceso no administrativo al vCenter Server puede explotar este problema para conseguir acceso a información confidencial VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information. • https://github.com/PenteraIO/CVE-2022-22948 https://www.vmware.com/security/advisories/VMSA-2022-0009.html • CWE-276: Incorrect Default Permissions •
CVE-2022-22945
https://notcve.org/view.php?id=CVE-2022-22945
VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root. VMware NSX Edge contiene una vulnerabilidad de inyección de shell CLI. Un actor malicioso con acceso SSH a un dispositivo NSX-Edge puede ejecutar comandos arbitrarios en el sistema operativo como root • https://www.vmware.com/security/advisories/VMSA-2022-0005.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2021-22050
https://notcve.org/view.php?id=CVE-2021-22050
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests. ESXi contiene una vulnerabilidad de denegación de servicio HTTP POST lenta en rhttpproxy. Un actor malicioso con acceso a la red de ESXi puede explotar este problema para crear una condición de denegación de servicio al abrumar el servicio rhttpproxy con múltiples peticiones • https://www.vmware.com/security/advisories/VMSA-2022-0004.html • CWE-770: Allocation of Resources Without Limits or Throttling •