Ke aʻo aku nei ʻo VMware i nā mea kūʻai aku i kahi nāwaliwali i kāna Verify two-factor authentication solution. Hiki i ka poʻe hackers ke hoʻopili i ka 'helu lua'.
Ua ʻōlelo ʻo VMware i kāna ʻōlelo aʻo e pili ana i kahi pilikia palekana i kāna huahana Workspace ONE Access. Mālama ʻo VMware Verify i ka hōʻoia ʻelua kumu. ʻO ka haʻahaʻa i ʻike ʻia e hiki ai i ka poʻe hackers ke ʻae i ka 'ʻanuʻu lua' i kahi noi hōʻoia ʻelua kumu a no laila e loaʻa ai ke komo.
Māhele i ka hewa mua
ʻO ka haʻahaʻa kahi ʻāpana o kahi nāwaliwali ʻē aʻe i loaʻa ma Workspace ONE Access. ʻO kēia haʻahaʻa, CVE-2021-22057, hiki i ka poʻe hackers me kahi Server Side Request Forgery e loaʻa i ka ʻoihana pūnaewele e hoʻokō i nā noi HTTP i nā kumu waiwai a heluhelu i nā pane piha.
ʻO Log4j vulnerability pū kekahi
Ua hoʻopaʻa ʻo VMware i nā mea nāwaliwali ʻelua a hoʻokuʻu i kahi mana hou o Workspace ONE Access. ʻO ka mana hou loa ʻo 21.08.0.1. Ua ʻike mua ʻo VMware i kahi nāwaliwali koʻikoʻi, e hāʻule ana ma lalo o ka pilikia Log4j. No ka VMware ONE Access kēia pilikia, i kēia hihia VMware ONE Access UEM huahana.