CVE-2022-22954
VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Apr 14, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
100.0%EPSS · 30 days100.0%
2026-06-302026-07-16
Product
VMware / Workspace ONE Access and Identity Manager
Vulnerability
VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability
Added to KEV
Apr 14, 2022
Remediate by
May 5, 2022
Known ransomware use
Yes
Summary description
VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2022-22954
No related CVEs by CWE or product.