{"vulnerability": "cve-2022-31700", "sightings": [{"uuid": "b66d8f4a-67b5-4032-89ec-c18b6f70a625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31700", "type": "published-proof-of-concept", "source": "Telegram/QpDoeMqjQ0IRwU8T8UciqFswfkPSo5yZHjAKqpZ99MeemPQ", "content": "", "creation_timestamp": "2023-03-05T08:39:29.000000Z"}, {"uuid": "40ff4e34-970b-4bd2-9358-1dc46be457cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31700", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/161", "content": "VMWare Workspace ONE Access\n\n\ud83d\udc64 by Steven Seeley\n\nResearcher wrote a blog post regarding the technical details of CVE-2022-31700. It's an interesting case study of attacking custom Java Bean Validators (JSR 380) for RCE.\n\nIn 2022, Steven conducted research against VMWare Workspace ONE Access and was able to find a remote code execution vulnerability triggerable by an authenticated administrator. Although authentication is required, past authentication bypass vulnerabilities have been published.\n\n\ud83d\udcdd Contents:\n\u25cf Intro\n\u25cf Motivation\n\u25cf Vulnerability Analysis\n\u25cf Reaching validateClaimRuleCondition\n\u25cf Looking for validation\n\u25cf Exposure\n\u25cf Proof of Concept\n\u25cf Automation\n\u25cf Manual\n\u25cf Stack Trace\n\nhttps://trenchant.io/vmware-workspace-one-access/", "creation_timestamp": "2023-03-01T06:37:26.000000Z"}, {"uuid": "80dfa8c7-ab32-46a3-9065-7d7e67b7f2c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31700", "type": "seen", "source": "https://t.me/cibsecurity/54549", "content": "\u203c CVE-2022-31700 \u203c\n\nVMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T22:22:51.000000Z"}, {"uuid": "f2a2e137-b2c6-447c-a2cc-3aad07bdcc83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31700", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7865", "content": "#exploit\n1. NetBSD Overflow\nhttps://seclists.org/fulldisclosure/2023/Mar/0\n]-> https://github.com/fuzzingrf/netbsd_hfs\n\n2. Exploring Web3 Security: A Step-by-Step Guide to Creating PoCs for Previous Findings\nhttps://infosecwriteups.com/exploring-web3-security-a-step-by-step-guide-to-creating-proof-of-concepts-for-previous-findings-22db1135566\n\n3. CVE-2022-31700:\nVMWare Workspace ONE Access Claim TransformationHelper validateClaimRuleCondition RCE\nhttps://srcincite.io/advisories/src-2022-0023\n]-> https://trenchant.io/vmware-workspace-one-access", "creation_timestamp": "2023-03-04T20:59:02.000000Z"}]}