3. Advisory Details
VMware Workspace ONE UEM console contains a Server Side Request Forgery (SSRF) vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.1.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22054
docs.vmware.com/en/VMware-Workspace-ONE-UEM/2008/rn/VMware-Workspace-ONE-UEM-Release-Notes-2008.html
docs.vmware.com/en/VMware-Workspace-ONE-UEM/2011/rn/VMware-Workspace-ONE-UEM-Release-Notes-2011.html
docs.vmware.com/en/VMware-Workspace-ONE-UEM/2102/rn/Workspace-ONE-UEM-2102-Release-Notes.html
docs.vmware.com/en/VMware-Workspace-ONE-UEM/2105/rn/Workspace-ONE-UEM-2105-Release-Notes.html
resources.workspaceone.com/view/48ktw9p6spmq8dflll49/en
resources.workspaceone.com/view/5qtfg6xhrkcp6vp4t4l7/en
resources.workspaceone.com/view/7xw2l35h6fc2pyfjgcnx/en
resources.workspaceone.com/view/pdwkjgfsb8b57cxvfnpd/en
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N