cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-20886,https://securityvulnerability.io/vulnerability/CVE-2023-20886,Open Redirect Vulnerability in VMware Workspace ONE UEM Console,"The VMware Workspace ONE UEM console is susceptible to an open redirect vulnerability that allows malicious actors to redirect users to external malicious sites. By exploiting this flaw, attackers can capture the SAML response from a victim, enabling them to impersonate the victim user and gain unauthorized access to accounts. This poses a serious threat to user security and data integrity.",Vmware,Vmware Workspace One Uem Console,8.8,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-10-31T21:15:00.000Z,0
CVE-2021-22054,https://securityvulnerability.io/vulnerability/CVE-2021-22054,SSRF Vulnerability in VMware Workspace ONE UEM Console,"VMware Workspace ONE UEM console versions prior to 20.0.8.37, 20.11.0.40, 21.2.0.27, and 21.5.0.37 are susceptible to a Server Side Request Forgery (SSRF) vulnerability. This flaw could enable an unauthorized attacker with network access to the UEM console to send malicious requests, potentially leading to access to sensitive internal information without the need for authentication. Organizations using these versions are advised to apply the necessary updates to mitigate any risks associated with this vulnerability.",Vmware,Vmware Workspace One Uem Console,7.5,HIGH,0.6983799934387207,false,,false,false,true,2022-06-03T14:06:02.000Z,true,false,false,,2021-12-17T16:10:18.000Z,0
CVE-2021-22029,https://securityvulnerability.io/vulnerability/CVE-2021-22029,Denial of Service Vulnerability in VMware Workspace ONE UEM REST API,"The VMware Workspace ONE UEM REST API is susceptible to a denial of service attack due to improper rate limiting. An attacker with access to the /API/system/admins/session endpoint may exploit this weakness to overwhelm the API, leading to service interruptions. This vulnerability underscores the importance of robust rate limiting to prevent potential abuse and maintain service availability.",Vmware,Vmware Workspace One Uem Console,7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2021-08-31T20:50:18.000Z,0
CVE-2021-21990,https://securityvulnerability.io/vulnerability/CVE-2021-21990,Cross-Site Scripting Vulnerability in VMware Workspace ONE UEM Console,"The VMware Workspace ONE UEM console suffers from a vulnerability where it fails to properly validate incoming requests during device enrollment. This flaw allows attackers to inject unsanitized input that the application renders on user devices. A successful exploitation permits malicious scripts to execute in the context of a user's session, potentially leading to unauthorized access or data theft. It is crucial for users of affected versions to apply security updates and ensure proper input validation to mitigate this risk.",Vmware,Vmware Workspace One Uem Console,6.1,MEDIUM,0.001230000052601099,false,,false,false,false,,,false,false,,2021-05-11T13:29:41.000Z,0