VMware announces another Critical Vulnerability

LINK

A Server Side Request Forgery (SSRF) vulnerability in VMware Workspace ONE UEM console was privately reported to VMware. Patches and workarounds are available to address this vulnerability in affected VMware products. The issue has been mitigated for VMware-hosted Workspace ONE consoles.

Advisory ID: VMSA-2021-0029

CVSSv3 Range: 9.1

Issue Date: 2021-12-16

Updated On: 2021-12-16 (Initial Advisory)

CVE(s): CVE-2021-22054

Synopsis: VMware Workspace ONE UEM console patches address SSRF vulnerability (CVE-2021-22054)