It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in the application settings. Such configuration caused the WARP client to disconnect and allowed the user to bypass restrictions and policies enforced by the Zero Trust platform.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cloudflare
Published: 2022-10-28T09:24:40.799Z
Updated: 2024-08-03T01:07:06.458Z
Reserved: 2022-09-26T16:41:00.464Z
Link: CVE-2022-3321
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-28T10:15:16.683
Modified: 2024-11-21T07:19:17.507
Link: CVE-2022-3321
Redhat
No data.