CVE-2022-22972 PoC — 多款VMware产品授权问题漏洞

Source

https://github.com/xk4ng/CVE-2022-22972

Associated Vulnerability

Title:多款VMware产品授权问题漏洞 (CVE-2022-22972)
Description:VMware Cloud Foundation等都是美国威睿（VMware）公司的产品。VMware Cloud Foundation是一套一体化混合云平台。VMware vRealize Automation是一个提供自助式云服务、监管式多云自动化的管理工具。VMware Workspace One Access是一个集中式管理控制台，通过该控制台，可以管理用户和组、设置和管理身份验证和访问策略，以及将资源添加到目录并管理这些资源的授权。 VMware 多款产品存在授权问题漏洞，该漏洞源于处理身份验证请

Description

vmware authentication bypass

Readme

# CVE-2022-22972
vmware authentication bypass

 ```
  -host string
        Auth Servers,(bugs365.com)
  -url string
        Vul url,-url https://xxx.com
  -user string
        username (default "administrator")
 ```
![image](https://user-images.githubusercontent.com/96538641/170842677-a827192c-de39-4c82-911e-3a754b73befc.png)

File Snapshot


 [4.0K]  /data/pocs/5625a7233110572e45f45f414e1bb752c0492d7b
├── [4.0K]  POC
│   ├── [ 208]  go.mod
│   ├── [1.1K]  go.sum
│   └── [4.3K]  main.go
├── [ 328]  README.md
└── [4.0K]  Server
    ├── [  23]  go.mod
    └── [ 506]  main.go

2 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!