Gaping Authentication Bypass Holes in VMWare Workspace One


Virtualization technology giant VMware joined the Patch Tuesday train this week to deliver urgent security patches to its VMWare Workspace One product.

The business released an urgent bulletin (VMSA-2022-0028) with basic information on at least five known security flaws that leave users of VMware Workspace One vulnerable to attacks that bypass authentication. Three of the patched flaws have a CVSS severity score of 9.8/10, according to VMware, which gave the bulletin a critical severity rating and issued a warning about them.

The VMware Workspace One Assist utility was found to have the vulnerabilities CVE-2022-31685, CVE-2022-31686, CVE-2022-31687, CVE-2022-31688, and CVE-2022-31689, which can be used to bypass authentication processes.

Read More: Gaping Authentication Bypass Holes in VMWare Workspace One

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.