CVE-2018-6979

7.4HIGH

Key Information:

Vendor: Vmware
Status: Vmware Workspace One Unified Endpoint Management Console (airwatch Console)
Vendor: CVE Published:; 4 October 2018

Summary

The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based authentication is enabled. This vulnerability is also relevant if certificate-based authentication is not enabled, but the outcome of exploitation is limited to an information disclosure (Important Severity) in those cases.

Affected Version(s)

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) 9.7.x prior to 9.7.0.8

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) 9.6.x prior to 9.6.0.8

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) 9.5.x prior to 9.5.0.17

References

https://www.vmware.com/security/advisories/VMSA-2018-0024...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1041808

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 4, 2018
Vulnerability Reserved
Feb 14, 2018