VMware released a critical security update for AirWatch Console.
The VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) update resolves a critical SAML authentication bypass vulnerability (CVE-2018-6979).
The cybersecurity threat:
“The VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based authentication is enabled. This vulnerability is also relevant if certificate-based authentication is not enabled, but the outcome of exploitation is limited to an information disclosure (Important Severity) in those cases.”
AirWatch Console is used to manage Mobile Device Management (MDM) deployments. MDM solutions allow organizations to more easily manage new mobile devices and user profiles, and to securely configure device settings.
The update, VMSA-2018-0024.1, addresses multiple versions of the VMware Workspace ONE Unified Endpoint Management Console across the 9.7.x, 9.6.x, 9.5.x, 9.4.x, and 9.2.x release lines.