Workspace One Assist Security Vulnerabilities and Issues — Workspace One Assist CVE List

Lucene search

VmwareWorkspace One Assist

5 matches found

CVE•added 2022/11/09 9:15 p.m.•92 views

CVE-2022-31685

VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

9.8CVSS9.3AI score0.00052EPSS

CVE•added 2022/11/09 9:15 p.m.•89 views

CVE-2022-31687

VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

9.8CVSS9.2AI score0.00618EPSS

CVE•added 2022/11/09 9:15 p.m.•60 views

CVE-2022-31686

VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

9.8CVSS9.2AI score0.00633EPSS

CVE•added 2022/11/09 9:15 p.m.•52 views

CVE-2022-31688

VMware Workspace ONE Assist prior to 22.10 contains a Reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.

6.1CVSS6.3AI score0.0046EPSS

CVE•added 2022/11/09 9:15 p.m.•48 views

CVE-2022-31689

VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious actor who obtains a valid session token may be able to authenticate to the application using that token.

9.8CVSS9.2AI score0.00455EPSS