attacker

VMware Workspace Flaw Let Attacker Redirect User to Malicious Source

by
VMware Workspace Flaw Let Attacker Redirect User to Malicious Source

An open redirect vulnerability in the VMware Workspace ONE UEM console has been identified as CVE-2023-20886, which has a CVSS score of 8.8 and is classified as ‘Important’ in severity. By using this vulnerability, an attacker could redirect a victim to a malicious website where their SAML response is intended to be stolen.  The victim’s Workspace ONE … Read more

VMware vCenter Server Flaw Let Attacker Execute Remote Code

by
VMware vCenter Server Flaw Let Attacker Execute Remote Code

VMware has been discovered with two vulnerabilities, CVE-2023-34048 and CVE-2023-34056, which were associated with Out-of-Bounds Write and Partial Information Disclosure. The severity of these vulnerabilities was 9.8 (Critical) and 4.3 (Medium). Both of these vulnerabilities existed on the VMware vCenter Server, a Server Management Software for managing virtual machines, ESXi hosts, and all other components … Read more