March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
November 1, 2023Rewterz Threat Update – Hyper-Volumetric HTTP DDoS Attacks Surge, Cloudflare Reports
November 1, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
November 1, 2023Rewterz Threat Update – Hyper-Volumetric HTTP DDoS Attacks Surge, Cloudflare Reports
November 1, 2023
Severity
High
Analysis Summary
CVE-2023-20886
VMware Workspace ONE UEM could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary Web sites to retrieve the SAML response to login as the victim user.
Impact
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2023-20886
Affected Vendors
VMware
Affected Products
- VMware Workspace ONE UEM Console 2203
- VMware Workspace ONE UEM Console 2206
- VMware Workspace ONE UEM Console 2209
- VMware Workspace ONE UEM Console 2212
- VMware Workspace ONE UEM Console 2302
Remediation
Refer to VMware Security Advisory for patch, upgrade or suggested workaround information.