VMware is warning customers of a vulnerability in its Verify two-factor authentication solution. Hackers appear to be able to intercept the ‘second factor’.
VMware states in its warning that it concerns a security problem in its Workspace ONE Access product. VMware Verify takes care of the two-factor authentication. The vulnerability found allows hackers to intercept the ‘second step’ in a two-factor authentication request and thus gain access.
Part of a previous bug
The vulnerability is part of another vulnerability found in Workspace ONE Access. This vulnerability, CVE-2021-22057, allows hackers to use a Server Side Request Forgery (SSRF) to send HTTP requests over the network to arbitrary resources and read the full responses.
Also a Log4j vulnerability
VMware has since patched both vulnerabilities and released a new version of Workspace ONE Access. The latest version is 21.08.0.1. VMware also previously discovered a very critical vulnerability that falls under the Log4j problem. This vulnerability also affects VMware ONE Access, in this case the VMware ONE Access UEM product.