Multiple vulnerabilities in VMware Workspace ONE Access
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2021-22056 CVE-2021-22057 |
| CWE-ID | CWE-918 CWE-287 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
VMware Workspace One Access Operating systems & Components / Operating system package or component |
| Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU59054
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-22056
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input. A remote user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsVMware Workspace One Access: 20.10.0.0 - 21.08.0.1
CPE2.3- cpe:2.3:o:vmware:vmware_access:20.10.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:vmware_access:20.10.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:vmware_access:21.08.0.0:*:*:*:*:*:*:*
https://www.vmware.com/security/advisories/VMSA-2021-0030.html
https://kb.vmware.com/s/article/87183
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Authentication
EUVDB-ID: #VU59055
Risk: Low
CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-22057
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when processing 2FA authentication. A remote attacker can obtain the second-factor authentication provided by VMware Verify and gain unauthorized access to the application.
Install updates from vendor's website.
Vulnerable software versionsVMware Workspace One Access: 20.10.0.0 - 21.08.0.1
CPE2.3- cpe:2.3:o:vmware:vmware_access:20.10.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:vmware_access:20.10.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:vmware_access:21.08.0.0:*:*:*:*:*:*:*
https://www.vmware.com/security/advisories/VMSA-2021-0030.html
https://kb.vmware.com/s/article/87183
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
