VMware has recently released patches for three critical-severity vulnerabilities affecting the Workspace ONE Assist solution. A good vulnerability management tool can solve these problems.
Workspace ONE Assist provides a console through which the IT staff can access remote devices and troubleshoot in real time. The console can also be used for screen sharing, file system management, and remote command execution. Vulnerability Management Software can resolve these issues.
The vulnerabilities are tracked as CVE-2022-31685, CVE-2022-31686, and CVE-2022-31687. These flaws can be exploited to achieve privilege escalation without any user interaction.
Technical Details
CVE-2022-31685: Authentication bypass vulnerability in VMware Workspace ONE Assist prior to 22.10. Any threat actor with network access can exploit this flaw to obtain administrative access to the application without authenticating.
CVE-2022-31686: A broken authentication method flaw in VMware Workspace ONE Assist prior to 22.10. Any attacker with network access can exploit this vulnerability to obtain administrative access without the need for authentication.
CVE-2022-31687: A broken access control vulnerability in VMware Workspace ONE Assist prior to 22.10. Any attacker with network access can exploit this flaw and obtain administrative access without authentication.
VMware also addressed two more flaws, tracked as CVE-2022-31688 (a reflected XSS flaw) and CVE-2022-31689 (a session fixation vulnerability).
CVE-2022-31688: A reflected cross-site scripting vulnerability in VMware Workspace ONE Assist prior to 22.10 due to improper sanitization of user input. Successful exploitation of this flaw would allow an attacker to inject JavaScript code into the target system.
CVE-2022-31689: A session fixation vulnerability in VMware Workspace ONE Assist prior to 22.10. Any attacker with a valid session token could exploit this flaw to authenticate to the application.
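The two lower-severity flaws above (improper sanitization behind the reflected XSS, and session fixation) are generic web-application weaknesses, so the defensive patterns can be shown without any Workspace ONE Assist code. The example below is added here and is not VMware's code; the application classes, the constructed user table, and the session-store layout are assumptions made for illustration. It contrasts a login handler that keeps whatever session ID the client presented (the pattern that makes fixation possible) with one that discards the pre-authentication session and issues a fresh server-generated ID, and it HTML-encodes a reflected query parameter before interpolating it into markup.

```python
import hmac
import html
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed credential table for the demo (not a real user database).
_USERS = {"alice": "correct horse battery staple"}


def check_password(username: str, password: str) -> bool:
    """Constant-time password comparison against the constructed table."""
    expected = _USERS.get(username)
    if expected is None:
        return False
    return hmac.compare_digest(expected.encode(), password.encode())


@dataclass
class Session:
    authenticated: bool = False
    user: Optional[str] = None


class FixationProneApp:
    """Login handler that trusts and keeps the client-presented session ID.

    If the ID was planted by a third party before the victim logged in, that
    third party now holds an authenticated session: session fixation.
    """

    def __init__(self) -> None:
        self.sessions: Dict[str, Session] = {}

    def login(self, presented_sid: str, username: str, password: str) -> Optional[str]:
        if not check_password(username, password):
            return None
        session = self.sessions.setdefault(presented_sid, Session())
        session.authenticated = True  # privilege changes, ID does not
        session.user = username
        return presented_sid

    def is_authenticated(self, sid: str) -> bool:
        session = self.sessions.get(sid)
        return session is not None and session.authenticated


class HardenedApp:
    """Login handler that rotates the session ID on every privilege change."""

    def __init__(self) -> None:
        self.sessions: Dict[str, Session] = {}

    def login(self, presented_sid: str, username: str, password: str) -> Optional[str]:
        if not check_password(username, password):
            return None
        # Drop the pre-authentication session regardless of where its ID came from.
        self.sessions.pop(presented_sid, None)
        # Issue an unguessable, server-generated ID for the authenticated session.
        new_sid = secrets.token_urlsafe(32)
        self.sessions[new_sid] = Session(authenticated=True, user=username)
        return new_sid

    def is_authenticated(self, sid: str) -> bool:
        session = self.sessions.get(sid)
        return session is not None and session.authenticated


def render_search_result(query: str) -> str:
    """Reflect a user-supplied query into HTML with context-appropriate encoding.

    html.escape with quote=True neutralises <, >, &, " and ' so the input cannot
    break out of the text node or an attribute value.
    """
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


if __name__ == "__main__":
    planted = "attacker-chosen-id"  # constructed: an ID set before login

    weak = FixationProneApp()
    weak.login(planted, "alice", "correct horse battery staple")
    print("fixation-prone app honours planted ID:", weak.is_authenticated(planted))

    strong = HardenedApp()
    fresh = strong.login(planted, "alice", "correct horse battery staple")
    print("hardened app honours planted ID:", strong.is_authenticated(planted))
    print("hardened app issued a new ID:", fresh != planted and strong.is_authenticated(fresh))

    print(render_search_result('<script>alert(1)</script>'))
```

The detection side of the same rule is simple to audit: any login, role change, or re-authentication path that returns the same session identifier it received is a fixation candidate, and any template that interpolates request data without encoding for the surrounding HTML context is a reflected-XSS candidate.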
Affected Applications
VMware Workspace ONE Assist prior to 22.10.
Solution
Update to Workspace ONE Assist version 22.10, released by VMware, which addresses all of the listed vulnerabilities.