{"uuid": "40ff4e34-970b-4bd2-9358-1dc46be457cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31700", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/161", "content": "VMware Workspace ONE Access\n\n\ud83d\udc64 by Steven Seeley\n\nThe researcher wrote a blog post regarding the technical details of CVE-2022-31700. It's an interesting case study of attacking custom Java Bean Validators (JSR 380) for RCE.\n\nIn 2022, Steven conducted research against VMware Workspace ONE Access and was able to find a remote code execution vulnerability triggerable by an authenticated administrator. Although authentication is required, past authentication bypass vulnerabilities have been published.\n\n\ud83d\udcdd Contents:\n\u25cf Intro\n\u25cf Motivation\n\u25cf Vulnerability Analysis\n\u25cf Reaching validateClaimRuleCondition\n\u25cf Looking for validation\n\u25cf Exposure\n\u25cf Proof of Concept\n\u25cf Automation\n\u25cf Manual\n\u25cf Stack Trace\n\nhttps://trenchant.io/vmware-workspace-one-access/", "creation_timestamp": "2023-03-01T06:37:26.000000Z"}