cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-31685,https://securityvulnerability.io/vulnerability/CVE-2022-31685,Authentication Bypass in VMware Workspace ONE Assist,"VMware Workspace ONE Assist versions prior to 22.10 are susceptible to an authentication bypass vulnerability. This allows an attacker with network access to the application to gain unauthorized administrative access, bypassing necessary authentication mechanisms. Such a flaw poses significant security risks as it could enable a malicious actor to exploit administrative privileges without proper credentials.",Vmware,Vmware Workspace One Assist,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2022-11-09T00:00:00.000Z,0
CVE-2022-31686,https://securityvulnerability.io/vulnerability/CVE-2022-31686,Broken Authentication Vulnerability in VMware Workspace ONE Assist,VMware Workspace ONE Assist versions prior to 22.10 are vulnerable to a broken authentication method. A malicious actor with network access could exploit this vulnerability to gain unauthorized administrative access to the application without authenticating. This poses a significant risk to the integrity and security of the systems relying on Workspace ONE Assist.,Vmware,Vmware Workspace One Assist,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2022-11-09T00:00:00.000Z,0
CVE-2022-31687,https://securityvulnerability.io/vulnerability/CVE-2022-31687,Broken Access Control in VMware Workspace ONE Assist,"VMware Workspace ONE Assist prior to version 22.10 is affected by a Broken Access Control vulnerability. This flaw permits a malicious actor with network access to the application to potentially gain administrative privileges without the need for user authentication. Exploitation of this vulnerability could lead to unauthorized actions within the administration interface, increasing the risk of sensitive data exposure and system compromise.",Vmware,Vmware Workspace One Assist,9.8,CRITICAL,0.002529999939724803,false,,false,false,false,,,false,false,,2022-11-09T00:00:00.000Z,0
CVE-2022-31689,https://securityvulnerability.io/vulnerability/CVE-2022-31689,Session Fixation Vulnerability in VMware Workspace ONE Assist,"The vulnerability in VMware Workspace ONE Assist allows an attacker to exploit session fixation by obtaining a valid session token. Once acquired, the attacker can authenticate to the application and gain unauthorized access, thereby compromising user sessions and sensitive data. This highlights the importance of implementing robust session management practices to secure applications against potential exploits.",Vmware,Vmware Workspace One Assist,9.8,CRITICAL,0.002139999996870756,false,,false,false,false,,,false,false,,2022-11-09T00:00:00.000Z,0
CVE-2022-31688,https://securityvulnerability.io/vulnerability/CVE-2022-31688,Reflected Cross-Site Scripting Vulnerability in VMware Workspace ONE Assist,"VMware Workspace ONE Assist prior to version 22.10 suffers from a reflected cross-site scripting vulnerability. This flaw arises from insufficient sanitization of user inputs, allowing a malicious user to inject malicious JavaScript code into the browser of a targeted user via crafted requests. When exploited, this vulnerability could allow attackers to manipulate user sessions or carry out phishing attacks, posing significant risks to both users and organizations.",Vmware,Vmware Workspace One Assist,6.1,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2022-11-09T00:00:00.000Z,0