3a. Authentication Bypass vulnerability (CVE-2022-31685)
VMware Workspace ONE Assist contains an Authentication Bypass vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
3b. Broken Authentication Method vulnerability (CVE-2022-31686)
VMware Workspace ONE Assist contains a Broken Authentication Method vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
3c. Broken Access Control vulnerability (CVE-2022-31687)
VMware Workspace ONE Assist contains a Broken Access Control vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
3d. Reflected cross-site scripting (XSS) vulnerability (CVE-2022-31688)
VMware Workspace ONE Assist contains a reflected cross-site scripting (XSS) vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.4.
3e. Session fixation vulnerability (CVE-2022-31689)
VMware Workspace ONE Assist contains a session fixation vulnerability due to improper handling of session tokens. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.2.
CPE | Name | Operator | Version |
---|---|---|---|
assist server(s) | lt | 22.10 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31685
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31687
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31688
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31689
docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/rn/vmware-workspace-one-assist-release-notes/index.html
kb.vmware.com/s/article/89993
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H