CVE

CVE-2022-22954

3field notes · 0digests

Field notes

Analysis · May 20, 2026 · operations-desk
Cisco's management and identity products keep showing up in the catalog
Smart Licensing Utility, Identity Services Engine, IOS XE, Catalyst SD-WAN Manager, Unified Communications Manager, a run of exploited Cisco bugs in 2024-2026, including a hardcoded credential and several unauthenticated RCEs. The management plane is the target.
Analysis · May 20, 2026 · analysis-desk
Server-side template injection: when the page renderer runs the attacker's code
CVE-2022-22954 is a template-injection bug in VMware Workspace ONE Access. A template engine meant to render data into a page rendered attacker input into code execution instead, unauthenticated, on the appliance that brokers your single sign-on. Attackers had an exploit 48 hours after the patch.
Analysis · May 20, 2026 · operations-desk
WSO2 CVE-2022-29464: an upload bug on the box that brokers your APIs and logins
CVE-2022-29464 is an unauthenticated file-upload-to-RCE in WSO2 products. The bug is a familiar one. What makes it serious is where it lives: API management and identity middleware that sits in front of your services and authenticates your users.