On October 31, 2023, VMware released a security advisory for an open redirect vulnerability in its Workspace ONE UEM console (CVE-2023-20886). The vulnerability has a CVSS base score of 8.8, which VMware rates as Important.
An open redirect vulnerability is a web application flaw in which a user-supplied URL is used as a redirect target without validation, allowing an attacker to send a victim from a trusted site to an arbitrary destination. In the case of CVE-2023-20886, an attacker could use the flaw to redirect a victim to an attacker-controlled website designed to capture the victim's SAML response. This would allow the attacker to log in to the Workspace ONE UEM console as the victim user.
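To make the bug class concrete, here is an added example (not VMware code, and not taken from the advisory) that places an open-redirect handler beside a hardened one. It models a hypothetical `return_url` parameter on a console login flow: the unsafe version echoes whatever the request supplied into the redirect, while the safe version only honours destinations that resolve to an assumed allow-list of hosts and otherwise falls back to the console's own landing page. The host names are constructed for the example.

```python
"""Added example: an open-redirect handler beside a hardened one.

Hypothetical helper, not VMware code. It models the bug class that
CVE-2023-20886 belongs to: a return_url-style parameter is echoed into a
Location header without validation, so a crafted link can bounce an
authenticated user to an attacker-chosen host.
"""
from urllib.parse import urljoin, urlparse

# Assumed allow-list of hosts a post-login redirect may land on (constructed).
ALLOWED_HOSTS = {"uem.example.com", "idp.example.com"}
DEFAULT_LANDING = "https://uem.example.com/"


def vulnerable_redirect_target(return_url: str) -> str:
    """Open redirect: whatever the request supplied becomes the Location."""
    return return_url


def safe_redirect_target(return_url: str, base: str = DEFAULT_LANDING) -> str:
    """Return return_url only if it resolves to an allow-listed host.

    Anything else falls back to base, so a forged link can at worst send the
    user to the console's own landing page.
    """
    # Backslashes and control/whitespace characters are rewritten by browsers
    # in ways urlparse does not model ("/\\evil" becomes "//evil"), so refuse
    # them outright rather than trying to normalise them.
    if any(ch == "\\" or ch.isspace() or ord(ch) < 0x20 for ch in return_url):
        return base

    parsed = urlparse(return_url)

    # javascript:, data:, mailto: and similar are never a valid landing page.
    if parsed.scheme and parsed.scheme not in ("http", "https"):
        return base

    if parsed.netloc:
        # Absolute or scheme-relative ("//evil.example") URL: check the host
        # the browser will actually connect to. hostname strips userinfo such
        # as "uem.example.com@" so that trick does not pass the allow-list.
        host = (parsed.hostname or "").lower()
        return return_url if host in ALLOWED_HOSTS else base

    # Relative path: resolve against base and re-check the resulting host.
    resolved = urljoin(base, return_url)
    host = (urlparse(resolved).hostname or "").lower()
    return resolved if host in ALLOWED_HOSTS else base


if __name__ == "__main__":
    for candidate in ("/console/home", "https://evil.example/steal",
                      "//evil.example/steal",
                      "https://uem.example.com@evil.example/"):
        print(f"{candidate!r:48} -> {safe_redirect_target(candidate)}")
```

The check is deliberately an allow-list on the resolved host rather than a deny-list on known-bad patterns: the scheme-relative, userinfo and backslash variants in the demo are exactly the inputs that a "starts with a slash" or "contains our domain" check lets through.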
VMware Workspace ONE UEM is a unified endpoint management (UEM) solution that enables organizations to manage all of their devices from a single console, including smartphones, tablets, laptops, desktops, and wearables. It is a powerful and flexible UEM solution that can help organizations to improve their security posture, streamline their IT operations, and reduce costs.
However, the open redirect vulnerability in VMware Workspace ONE UEM could pose a significant security risk to organizations that use this solution. If an attacker is able to exploit this vulnerability, they could gain access to sensitive corporate data and resources.
Affected Versions
The following versions of VMware Workspace ONE UEM are affected by CVE-2023-20886:
- Workspace ONE UEM 2302
- Workspace ONE UEM 22.12
- Workspace ONE UEM 22.09
- Workspace ONE UEM 22.06
- Workspace ONE UEM 22.03
Patched Versions
VMware has released patched versions of Workspace ONE UEM that address CVE-2023-20886. The following versions of Workspace ONE UEM are patched:
- Workspace ONE UEM 23.2.0.10
- Workspace ONE UEM 22.12.0.20
- Workspace ONE UEM 22.9.0.29
- Workspace ONE UEM 22.6.0.36
- Workspace ONE UEM 22.3.0.48
Recommendations
Organizations that use VMware Workspace ONE UEM are urged to upgrade to a patched version as soon as possible.
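As an added helper for the upgrade check (not a VMware tool), the script below classifies an installed Workspace ONE UEM build against the patched builds listed above. The version table is transcribed from this page; treating the "2302" branch name in the affected list as the same branch as the 23.2.0.10 fix is an assumption, as is the handling of any version string format beyond the dotted form shown on the page.

```python
"""Added example: classify an installed Workspace ONE UEM build against the
patched builds listed in the advisory above.

Not a VMware tool. PATCHED_BUILDS is transcribed from the page; mapping the
"2302" branch name onto 23.2 is an assumption made for this example.
"""
from typing import Tuple

# Minimum fixed build per release branch, keyed by (major, minor), from the
# "Patched Versions" list above.
PATCHED_BUILDS = {
    (23, 2): (23, 2, 0, 10),
    (22, 12): (22, 12, 0, 20),
    (22, 9): (22, 9, 0, 29),
    (22, 6): (22, 6, 0, 36),
    (22, 3): (22, 3, 0, 48),
}


def parse_uem_version(version: str) -> Tuple[int, int, int, int]:
    """Normalise "22.9.0.29", "22.03" or "2302" into a 4-tuple of ints."""
    text = version.strip()
    if text.isdigit() and len(text) == 4:
        # Assumption: a YYMM branch name such as "2302" is the 23.2 branch,
        # with the build components unknown and therefore zero.
        parts = [int(text[:2]), int(text[2:])]
    else:
        parts = [int(p) for p in text.split(".")]
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"unrecognised version string: {version!r}")
    parts += [0] * (4 - len(parts))
    return (parts[0], parts[1], parts[2], parts[3])


def check_uem_version(version: str) -> str:
    """Return 'patched', 'vulnerable', or 'unlisted'.

    'unlisted' means the branch is not in the advisory's table at all, which
    says nothing about whether it is safe; it needs a separate check against
    the vendor's current guidance.
    """
    parsed = parse_uem_version(version)
    fixed = PATCHED_BUILDS.get(parsed[:2])
    if fixed is None:
        return "unlisted"
    return "patched" if parsed >= fixed else "vulnerable"


if __name__ == "__main__":
    for installed in ("22.12.0.19", "22.12.0.20", "2302", "23.2.0.10", "21.11.0.5"):
        print(f"{installed:12} -> {check_uem_version(installed)}")
```

Comparison is done per branch on purpose: a build such as 22.12.0.19 is older than the 22.12.0.20 fix even though it sorts above every 22.9 build, so a single global "is it newer than X" test would misclassify it.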