Vulnerabilities > CVE-2022-31686 - Unspecified vulnerability in VMWare Workspace ONE Assist

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

vmware

critical

NVD

Published: 2022-11-09

Updated: 2023-08-08

Summary

VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

Vulnerable Configurations

Part	Description	Count
Application	Vmware Vmware Workspace ONE Assist *	1

References

https://www.vmware.com/security/advisories/VMSA-2022-0028.html