An open redirect vulnerability in the VMware Workspace ONE UEM console has been identified as CVE-2023-20886, which has a CVSS score of 8.8 and is classified as ‘Important’ in severity.
By exploiting this vulnerability, an attacker could redirect a victim to a malicious website set up to steal their SAML response.
The victim’s Workspace ONE UEM console would then be accessible to the attacker using the victim user’s login…
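
As a mitigation sketch for this class of bug (an added example, not VMware's fix and not code from the advisory), a login flow can validate any post-authentication redirect target before using it. The host `uem.example.com`, the fallback path and the function name are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only origin the console may redirect to (constructed value).
ALLOWED_HOSTS = {"uem.example.com"}
FALLBACK = "/"  # hypothetical safe landing page


def safe_redirect_target(target: str) -> str:
    """Return target if it stays on an allowed origin, otherwise FALLBACK."""
    if not target:
        return FALLBACK
    # Browsers treat "\" like "/" and drop tabs/newlines inside URLs, so a
    # value containing them can parse differently here than in the browser.
    if "\\" in target or any(ord(c) <= 0x20 or ord(c) == 0x7F for c in target):
        return FALLBACK
    try:
        parts = urlsplit(target)
    except ValueError:  # e.g. malformed IPv6 literal
        return FALLBACK
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a single-slash absolute path.
        # "//host" and "///host" forms are rejected.
        if target.startswith("/") and not target.startswith("//"):
            return target
        return FALLBACK
    if parts.scheme != "https":
        return FALLBACK  # blocks javascript:, data:, http: and scheme-relative URLs
    # .hostname drops userinfo and port, so "allowed@other-host" is judged
    # by the host the browser would actually connect to.
    host = (parts.hostname or "").lower()
    return target if host in ALLOWED_HOSTS else FALLBACK


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in [
        "/console/dashboard",
        "https://uem.example.com/console",
        "//other.example/login",
        "https://uem.example.com@other.example/",
        "https://uem.example.com.other.example/",
    ]:
        print(f"{candidate!r:45} -> {safe_redirect_target(candidate)!r}")
```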