A Server Side Request Forgery (SSRF) vulnerability in VMware Workspace ONE UEM console was privately reported to VMware. Patches and workarounds are available to address this vulnerability in affected VMware products. The issue has been mitigated for VMware-hosted Workspace ONE consoles.
Advisory ID: VMSA-2021-0029
CVSSv3 Range: 9.1
Issue Date: 2021-12-16
Updated On: 2021-12-16 (Initial Advisory)
Synopsis: VMware Workspace ONE UEM console patches address SSRF vulnerability (CVE-2021-22054)