Cybersecurity specialists reported the detection of at two critical vulnerabilities in VMware Workspace One Access a solution that combines the user’s identity with factors such as device and network information to make intelligence-driven, conditional access decisions for applications delivered by Workspace One.
According to the report, successful exploitation of these vulnerabilities would allow hackers to deploy server-side request forgery (SSRF) attacks.
Below are brief reports of the failures detected, in addition to their respective identification keys and scores assigned according to the Common Vulnerability Scoring System (CVSS).
CVE-2021-22002: Insufficient validation of user input in /cfg and diagnostic endpoints would allow remote threat actors to send specially crafted HTTP requests with a modified HTTP host header to port 433/TCP.
The vulnerability received a CVSS score of 8.5/10 and would allow unauthenticated remote attackers to perform an SSRF attack and gain access to services on the internal network.
CVE-2021-22003: The report lacks a description for this vulnerability, mentioning only that it is an unprotected primary channel bug.
Although further details are still unknown, cybersecurity experts note that this flaw received a CVSS score of 3.2/10.
Both flaws reside in the following versions of VMware Workspace One Access: 20.01, 20.10, and 20.10.01.
While these vulnerabilities can be exploited by unauthenticated remote actors over the Internet, researchers have not detected exploit attempts in the wild. Updates are now ready to be installed, so VMware users are encouraged to update as soon as possible.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.