CVE-2022-22960
------------ On April 6, 2022 VMware released VMSA-2022-0011, a critical advisory addressing security vulnerabilities found and resolved in VMware’s Workspace ONE Access, VMware Identity Manager (vIDM), vRealize Lifecycle Manager, vRealize Automation, and VMware Cloud Foundation products. VMware Identity Manager is also an optional external component that can provide authentication and authorization for other products, such as NSX, vRealize Operations, vRealize Log Insight, and vRealize Network Insight. The VMSA will always be the source of truth for what products & versions are affected, the workarounds, and appropriate patches. This document is a corollary to that advisory and contains resources and numerous questions & answers that have been asked regarding this issue in an effort to communicate new information, reduce the need for support calls, and help keep organizations secure.
EPSS 72.49% · 98.8th percentile
Risk Scores
Exploit Intelligence
- http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html (nist-nvd)
- http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html (nist-nvd)
- http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html (nist-nvd)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- Simple PoC of CVE-2017-11882 (github-poc)
…and 1083 more exploits
Timeline
- Nov 23, 2017 PoC Published
- Mar 12, 2018 PoC Published
- Feb 5, 2019 PoC Published
- Sep 17, 2020 PoC Published
- Oct 3, 2020 PoC Published
- Mar 4, 2021 PoC Published
- Apr 26, 2021 PoC Published
- Jun 28, 2021 PoC Published
- Jul 2, 2021 PoC Published
- Sep 23, 2021 PoC Published
- Oct 6, 2021 PoC Published
- Dec 11, 2021 PoC Published