CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Mar 23, 2026
Description
Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery (SSRF) vulnerability that could allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information.
EPSS — Exploit Probability
Higher than 99.8% of all CVEs
Required Action
https://web.archive.org/web/20211222154335/https://www.vmware.com/security/advisories/VMSA-2021-0029.html ; https://nvd.nist.gov/vuln/detail/CVE-2021-22054
Related Articles (3)
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
CISA adds 3 exploited flaws—SolarWinds, Ivanti, Workspace One—to KEV after attacks, forcing federal patch deadlines in March 2026.
Mar 10, 2026
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
Mar 9, 2026
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.
Mar 10, 2026
Risk Assessment
HIGHDetails
- Severity
- High
- EPSS
- 93.6%
- CISA KEV
- Yes
- Ransomware
- Unknown
- Articles
- 3
Timeline
Published
Mar 9, 2026
Added to KEV
Mar 9, 2026
Remediation Due
Mar 23, 2026