# CVE-2021-22054

> VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.

- **CVSS:** 7.5 (HIGH)
- **EPSS:** 93.8%
- **CISA KEV:** yes
- **CWE:** CWE-918

Canonical: https://intel.threadlinqs.com/cve/CVE-2021-22054
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp