vulnerability
VMware Workspace ONE Access: CVE-2023-20884: Insecure redirect vulnerability (VMSA-2023-0011)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | 05/30/2023 | 05/10/2024 | 01/28/2025 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
05/30/2023
Added
05/10/2024
Modified
01/28/2025
Description
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.
Solution
vmware-workspace-one-access-upgrade-22_09_1_0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.