VYPR

Workspace ONE Assist

by VMware

CVEs (5)

  • CVE-2022-31689Nov 9, 2022
    risk 0.00cvss epss 0.01

    VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious actor who obtains a valid session token may be able to authenticate to the application using that token.

  • CVE-2022-31686Nov 9, 2022
    risk 0.00cvss epss 0.01

    VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

  • CVE-2022-31685Nov 9, 2022
    risk 0.00cvss epss 0.01

    VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

  • CVE-2022-31687Nov 9, 2022
    risk 0.00cvss epss 0.01

    VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

  • CVE-2022-31688Nov 9, 2022
    risk 0.00cvss epss 0.00

    VMware Workspace ONE Assist prior to 22.10 contains a Reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window.