CVE-2022-31687

Name of the Vulnerable Software and Affected Versions VMware Workspace ONE Assist versions prior to 22.10

Description The issue is related to a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application. This could allow the attacker to bypass existing security restrictions and elevate their privileges.

Recommendations For versions prior to 22.10, update to version 22.10 or later to resolve the issue. As a temporary workaround, consider restricting network access to Workspace ONE Assist to minimize the risk of exploitation.