This module chains 3 vulnerabilities to deploy an agent in VMware Workspace ONE Access that will run with root user privileges. The first vulnerability is an authentication bypass vulnerability present in OAuth2TokenResourceController Access Control Service (ACS). The second vulnerability a JDBC Injection in DBConnectionCheckController dbCheck that allow to execute remote system commands. The third vulnerability is a local privilege escalation using the publishCaCert.hzn and gatherConfig.hzn scripts.
CVE Link
Exploit Platform
Exploit Type
Product Name