VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLinux Kernel
APPLinuxwszystkie wersjeVMware Cloud Foundation
APPVmware4.0 – 4.3.1VMware Identity Manager
APPVmware3.3.33.3.43.3.53.3.6VMware Vrealize Automation
APPVmware7.6VMware Vrealize Suite Lifecycle Manager
APPVmware8.0 – 8.2VMware Workspace One Access
APPVmware20.10.0.020.10.0.121.08.0.021.08.0.1
CISA KEV — detailsi
- Vendori
- VMware ↗
- Producti
- Workspace ONE Access and Identity Manager
- Added to KEVi
- April 14, 2022
- Remediation deadline (US Federal)i
- May 5, 2022(overdue)
- Ransomwarei
- Active ransomware campaigns exploit this vulnerability
Apply updates per vendor instructions.
VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
VMware ESXi/Workstation: TOCTOU umożliwia ucieczkę z VM przez VMX process
VMware vCenter Server — heap-overflow w DCERPC umożliwia RCE
Heap overflow w VMware vCenter Server via protokół DCERPC — RCE