Lucene search
K
VmwareWorkspace One Assist

5 matches found

CVE
CVE
added 2022/11/09 12:0 a.m.114 views

CVE-2022-31685

VMware Workspace ONE Assist contains CVE-2022-31685, an authentication bypass vulnerability in versions prior to 22.10. Affected component: Workspace ONE Assist server. Root cause: authentication bypass allows a network-adjacent attacker to obtain administrative access without authenticating. Imp...

9.8CVSS9.3AI score0.00954EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.103 views

CVE-2022-31687

VMware Workspace ONE Assist (VMware) before version 22.10 is affected by a Broken Access Control vulnerability (CVE-2022-31687). Affected component: Workspace ONE Assist server. Root cause: improper access control could allow a malicious actor with network access to obtain administrative privileg...

9.8CVSS9.2AI score0.00824EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.73 views

CVE-2022-31686

CVE-2022-31686 affects VMware Workspace ONE Assist prior to version 22.10. The issue is a Broken Authentication Method that could allow an attacker with network access to obtain administrative privileges without authenticating to the application. Impact is described as high (admin access, full co...

9.8CVSS9.2AI score0.00929EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.67 views

CVE-2022-31688

CVE-2022-31688 affects VMware Workspace ONE Assist prior to version 22.10. The vulnerability is a reflected cross-site scripting (XSS) flaw caused by improper sanitization of user input, enabling a malicious actor who has some user interaction to inject JavaScript into the target user’s window. T...

6.1CVSS6.3AI score0.00434EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.63 views

CVE-2022-31689

CVE-2022-31689 describes a session fixation flaw in VMware Workspace ONE Assist prior to version 22.10. A malicious actor with a valid session token could authenticate to the application using that token. Public documents confirm affected versions include 21.x and 22.x, with the issue fixed in 22...

9.8CVSS9.2AI score0.00824EPSS