This Metasploit module combines two vulnerabilities in order achieve remote code execution in the context of the horizon user. The first vulnerability, CVE-2022-22956, is an authentication bypass in OAuth2TokenResourceController ACS which allows a remote, unauthenticated attacker to bypass the authentication mechanism and execute any operation. The second vulnerability, CVE-2022-22957, is a JDBC injection remote code execution vulnerability specifically in the DBConnectionCheckController class's dbCheck method which allows an attacker to deserialize arbitrary Java objects which can allow for remote code execution.
7c29d90e3f3e9d482ff4bcd4e44dc3c7f3847da9e1f2f563dc1812dc6362bcd4
Red Hat Security Advisory 2022-8761-01 - Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of Red Hat support for Spring Boot 2.7.2 serves as a replacement for Red Hat support for Spring Boot 2.5.12, and includes security, bug fixes and enhancements. For more information, see the release notes listed in the References section. Issues addressed include denial of service and deserialization vulnerabilities.
0df2f2118de756cfeb5ac0bd7ef441ecb9b24f07e70dbc6e86e6af13e1dea498
Gentoo Linux Security Advisory 202208-35 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 104.0.5112.101 are affected.
e7597aa0df8c711de96d624bc650d2003b1b78f793dce2a87a44bfd7d0c68250
Red Hat Security Advisory 2022-5903-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Issues addressed include HTTP request smuggling, denial of service, and deserialization vulnerabilities.
64f14a1390aa598b8f7f7082ac1e23e09426694792e54d265ca579256dd960fb
Debian Linux Security Advisory 5180-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
04461ff1bdbd3130ce0b479f9dae9abbd1a2848c21dc5e8a4ee7d3e438897605
Red Hat Security Advisory 2022-5555-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. Issues addressed include a denial of service vulnerability.
57357d70810aa219aacd9c12d074414e128c56e7a0bc456d027d64b7f8926dfd
This Metasploit module exploits CVE-2022-22954, an unauthenticated server-side template injection (SSTI) vulnerability in VMware Workspace ONE Access, to execute shell commands as the horizon user.
bf4114fce190a8b9bc1f2bfc2013620b04b05e7030c7cc59f3d685b8db2038b1