CVE-2022-31685 VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability

The authentication mechanism relies on SSL certificates, which may be obtained through certificate authority (CA) web sites or through self-signed certificates. Workspace ONE Assist also uses session identification tokens, which are not protected by the application.

Workstation configurations may be exploited to bypass authentication.

Incorrectly configured hosts, like Workstation versions prior to 10.0 or ESXi versions prior to 5.5, may cause vulnerabilities in the authentication process.

Workspace ONE Assist may be exploited on a network to obtain administrative access without the need to authenticate to the application.

Access may be obtained through the use of weak passwords or misconfigured hosts on the network.

Workstation vulnerability

Workspace ONE Assist may be exploited on a network to obtain administrative access without the need to authenticate to the application.

Warning Signs


- Systems configured to allow HTTP may be exploited to bypass authentication.
- Systems configured with weak passwords or without password protection can be exploited.

Workspace ONE Assist Overview

Workspace ONE Assist is a web application that provides remote access to desktops and servers. It uses the Secure Sockets Layer (SSL) cryptographic protocol to authenticate users.

Workstation configurations may be exploited to bypass authentication. Incorrectly configured hosts, like Workstation versions prior to 10.0 or ESXi versions prior to 5.5, may cause vulnerabilities in the authentication process. Workspace ONE Assist may be exploited on a network to obtain administrative access without the need to authenticate to the application. Access may be obtained through weak passwords or misconfigured hosts on the network.

An Overview of Workspace ONE Assist

Workspace ONE Assist is a platform that provides remote access to desktops, laptops, and mobile devices for employees and external users.
