SSRF Vulnerability In VMware Authentication

Researchers have found that VMware has a server-side request forgery (SSRF) vulnerability could allow an attacker to obtain administrative JSON Web Tokens (JWT) in versions of the VMware authentication software.

This serious security vulnerability was found in a popular service called VMware Workspace ONE Access. It’s used to provide multi-factor authentication, conditional access, and single sign-on to web and mobile apps. The vulnerability could enable malicious actors to read the full response of HTTP requests. This vulnerability is tracked as CVE-2021-22056. It has a severity score of 5.5, or ‘moderate’.

Security researchers Shubham Shah and Keiran Sampson discovered the bug that could lead to the leaking of JWTs. This would give malicious actors full access to vulnerable systems. JWTs are strings that act as a way to identify users. They contain JSON-encoded data, making them convenient for embedding information. They are typically used as session identifiers for mobile and web applications, API services, and other kinds of web apps. They contain user data directly, unlike traditional session identifiers, which simply point to user data on the server-side. With all that said, if your JWTs are stolen or compromised, an attacker can potentially gain full access to your account.

 

Good News

VMware has quickly released a patch for the vulnerabilities in its latest enterprise version of the software.

I hope this article was helpful, if you have any questions, please feel free to contact me. If you would like to be notified of when I create a new post you can subscribe to my blog alert.

Leave a Comment

+ 36 = 44