Open Redirect Vulnerability in VMware Workspace ONE UEM Console Allows for SAML Response Retrieval and User Impersonation

Open Redirect Vulnerability in VMware Workspace ONE UEM Console Allows for SAML Response Retrieval and User Impersonation

CVE-2023-20886 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user.

Learn more about our Cis Benchmark Audit For Google Workspace.