CVE-2023-20857
MEDIUMVMware Workspace ONE Content < 23.02 - Passcode Bypass via Rooted Device Access
Title source: llmDescription
VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/171158/VMware-Security-Advisory-2023-0006.html
Release Notes, Vendor Advisory
https://www.vmware.com/security/advisories/VMSA-2023-0006.html
Scores
CVSS v3
6.8
EPSS
0.0004
EPSS Percentile
14.0%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-306
Status
published
Products (1)
vmware/workspace_one_content
< 23.02
Published
Feb 28, 2023
Tracked Since
Feb 18, 2026