Filtered by vendor Vmware
Subscriptions
Filtered by product Workspace One Assist
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-31689 | 1 Vmware | 1 Workspace One Assist | 2024-11-21 | 9.8 Critical |
| VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious actor who obtains a valid session token may be able to authenticate to the application using that token. | ||||
| CVE-2022-31688 | 1 Vmware | 1 Workspace One Assist | 2024-11-21 | 6.1 Medium |
| VMware Workspace ONE Assist prior to 22.10 contains a Reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window. | ||||
| CVE-2022-31687 | 1 Vmware | 1 Workspace One Assist | 2024-11-21 | 9.8 Critical |
| VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application. | ||||
| CVE-2022-31686 | 1 Vmware | 1 Workspace One Assist | 2024-11-21 | 9.8 Critical |
| VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application. | ||||
| CVE-2022-31685 | 1 Vmware | 1 Workspace One Assist | 2024-11-21 | 9.8 Critical |
| VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application. | ||||
Page 1 of 1.