Authentication Bypass Vulnerabilities in VMware Workspace ONE Assist

Threat Advisories

Authentication Bypass Vulnerabilities in VMware Workspace ONE Assist

November 10, 2022
Threat Level
Amber
Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

Several security vulnerabilities exist in VMware’s Workspace ONE Assist solution, some of which can be exploited for authentication bypassing to gain admin-level access.

A vulnerability in VMware Workspace ONE Assist, CVE-2022-31685, could allow an attacker with network access to gain administrative access without authentication. Similarly, CVE-2022-31686 is described as a broken authentication method vulnerability, and CVE-2022-31687 is a broken access control issue.

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest