CVE-2022-31685 VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability

The authentication mechanism relies on SSL certificates, which may be obtained through certificate authority (CA) web sites or through self-signed certificates. Workspace ONE Assist also uses session identification tokens, which are not protected by the application.

Workstation configurations may be exploited to bypass authentication.

Incorrectly configured hosts, such as Workstation versions prior to 10.0 or ESXi versions prior to 5.5, may cause vulnerabilities in the authentication process.

Workspace ONE Assist may be exploited on a network to obtain administrative access without the need to authenticate to the application.

Access may be obtained through the use of weak passwords or misconfigured hosts on the network.

Warning Signs

- Systems configured to allow HTTP may be exploited to bypass authentication.
- Systems configured with weak passwords or without password protection can be exploited.

Workspace ONE Assist Overview

Workspace ONE Assist is a web application that provides remote access to desktops and servers. It uses the Secure Sockets Layer (SSL) cryptographic protocol to authenticate users.

An Overview of Workspace ONE Assist

Workspace ONE Assist is a platform that provides remote access to desktops, laptops, and mobile devices for employees and external users.

Timeline

Published on: 11/09/2022 21:15:00 UTC
Last modified on: 11/10/2022 19:37:00 UTC