CVE-2022-22972
Description
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
NVD
Severity: CRITICAL
CVE ID: CVE-2022-22972
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2022-22972
Refrence: Project Discovery GitHub
horizon3ai
Refrence: GitHub
Dghpi9
vmware authentication bypass
Refrence: GitHub
bengisugun
IOC List
Refrence: GitHub
Content on GitHub
Schira4396 | watchers:1253
VcenterKiller
一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接
Refrence: GitHub
W01fh4cker | watchers:897
VcenterKit
Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit
Refrence: GitHub