CVE-2022-3320

Name of the Vulnerable Software and Affected Versions WARP Client (affected versions not specified)

Description The issue allows bypassing policies configured for Zero Trust Secure Web Gateway. This can be achieved by using the warp-cli command with the set-custom-endpoint subcommand and specifying an unreachable endpoint, which causes the WARP Client to disconnect. As a result, administrative restrictions on a Zero Trust enrolled endpoint can be bypassed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.