Rewterz Threat Advisory – VMware Workspace ONE UEM Console SSRF Vulnerability

Severity

High

Analysis Summary

CVE-2021-22054

The VMware Workspace ONE UEM console contains a Server Side Request Forgery (SSRF) vulnerability. A malicious actor with network access to UEM can send requests without authentication and may exploit this issue to gain access to sensitive information.

Impact

  • Server Side Request Forgery (SSRF)
  • Exposure of sensitive data

Affected Vendors

VMware

Affected Products

  • VMware Workspace ONE UEM console 2015
  • VMware Workspace ONE UEM console 2012
  • VMware Workspace ONE UEM console 2011
  • VMware Workspace ONE UEM console 2008

Remediation

Refer to the VMware advisory for the fixed versions of the affected products.

https://www.vmware.com/security/advisories/VMSA-2021-0029.html