Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vmwareVMwareVMSA-2022-0028
HistoryNov 08, 2022 - 12:00 a.m.

VMware Workspace ONE Assist update addresses multiple vulnerabilities.

2022-11-0800:00:00
www.vmware.com
12
vmware workspace one assist
update
critical
moderate
vulnerabilities
authentication bypass
broken authentication method
broken access control
reflected cross-site scripting
session fixation

7.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.6%

JSON

3a. Authentication Bypass vulnerability (CVE-2022-31685)

VMware Workspace ONE Assist contains an Authentication Bypass vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

3b. Broken Authentication Method vulnerability (CVE-2022-31686)

VMware Workspace ONE Assist contains a Broken Authentication Method vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

3c. Broken Access Control vulnerability (CVE-2022-31687)

VMware Workspace ONE Assist contains a Broken Access Control vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.

3d. Reflected cross-site scripting (XSS) vulnerability (CVE-2022-31688)

VMware Workspace ONE Assist contains a reflected cross-site scripting (XSS) vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.4.

3e. Session fixation vulnerability (CVE-2022-31689)

VMware Workspace ONE Assist contains a session fixation vulnerability due to improper handling of session tokens. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.2.

CPENameOperatorVersion
assist server(s)lt22.10

Related

thn 1
nessus 1
hivepro 1
prion 5
cve 5
nvd 5
cvelist 5
thn
thn
VMware Warns of 3 New Critical Flaws Affecting Workspace ONE Assist Software
2022-11-09 06:04:00
nessus
nessus
VMware Workspace One Assist Multiple Vulnerabilities (VMSA-2022-0028)
2022-11-16 00:00:00
hivepro
hivepro
Authentication Bypass Vulnerabilities in VMware Workspace ONE Assist
2022-11-10 10:08:26
prion
prion
Cross site scripting
2022-11-09 21:15:00
Session fixation
2022-11-09 21:15:00
Improper access control
2022-11-09 21:15:00
cve
cve
CVE-2022-31687
2022-11-09 21:15:15
CVE-2022-31686
2022-11-09 21:15:15
CVE-2022-31685
2022-11-09 21:15:15
nvd
nvd
CVE-2022-31689
2022-11-09 21:15:15
CVE-2022-31686
2022-11-09 21:15:15
CVE-2022-31685
2022-11-09 21:15:15
cvelist
cvelist
CVE-2022-31685
2022-11-09 00:00:00
CVE-2022-31688
2022-11-09 00:00:00
CVE-2022-31687
2022-11-09 00:00:00

7.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.6%

JSON
Related for VMSA-2022-0028
thn1nessus1hivepro1prion5cve5nvd5cvelist5