vulnerability

VMware Workspace ONE Access: CVE-2021-22056: SSRF vulnerability in VMWare Workspace One Access (VMSA-2021-0030)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Jan 4, 2022	Jan 4, 2022	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Jan 4, 2022

Added

Jan 4, 2022

Modified

Mar 30, 2026

Description

VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.

Solutions

vmware-workspace-one-access-upgrade-20_10_0_0_17035009vmware-workspace-one-access-upgrade-20_10_0_1_17586971vmware-workspace-one-access-upgrade-21_08_0_0_18530336vmware-workspace-one-access-upgrade-21_08_0_1_19010796

References

CVE-2021-22056
https://attackerkb.com/topics/CVE-2021-22056
CWE-918
EUVD-EUVD-2021-9221
http://www.vmware.com/security/advisories/VMSA-2021-0030.html
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-9221

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today