Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-22054 | 1 Vmware | 1 Workspace One Uem Console | 2021-12-21 | 5.0 MEDIUM | 7.5 HIGH |
VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information. | |||||
CVE-2021-22029 | 1 Vmware | 1 Workspace One Uem Console | 2021-09-08 | 5.0 MEDIUM | 7.5 HIGH |
VMware Workspace ONE UEM REST API contains a denial of service vulnerability. A malicious actor with access to /API/system/admins/session could cause an API denial of service due to improper rate limiting. |