Preface: Several vulnerabilities in VMware products (CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, and CVE-2022-22958) are reported to be at high risk of being exploited. System administrators should immediately install patches to affected systems to reduce the risk of cyber-attacks.
Background: VMware Workspace ONE is an intelligence-driven digital workspace platform that enables you to simply and securely deliver and manage any app on any device, anywhere. You can add Web applications to the Workspace ONE Access catalog and assign them to users and groups to provide users access to these applications from the Workspace ONE Intelligent Hub app and portal. You configure single sign-on (SSO) to the applications by using a federation protocol such as SAML 2.0 to configure the applications.
Vulnerability details: CVE-2022-22954 – VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution. You can create a template to enable a group of clients to register dynamically with the VMware Identity Manager service to allow users access to a specific application.
Server-side template injection attacks can occur when user input is concatenated directly into a template, rather than passed in as data. This allows attackers to inject arbitrary template directives in order to manipulate the template engine, often enabling them to take complete control of the server.
Remedy:
HW-154129 – Patch instructions to address CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960, CVE-2022-22961 in Workspace ONE Access Appliance (VMware Identity Manager) (88099) – https://kb.vmware.com/s/article/88099
HW-154129 – Workaround instructions to address CVE-2022-22954, CVE-2022-22955, CVE-2022-22956, CVE-2022-22957, CVE-2022-22958, CVE-2022-22959, CVE-2022-22960 in Workspace ONE Access Appliance (VMware Identity Manager) (88098) – https://kb.vmware.com/s/article/88098