Denial of Service Vulnerability in VMware Workspace ONE UEM REST API
CVE-2021-22029
7.5HIGH
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 31 August 2021
What is CVE-2021-22029?
The VMware Workspace ONE UEM REST API is susceptible to a denial of service attack due to improper rate limiting. An attacker with access to the /API/system/admins/session endpoint may exploit this weakness to overwhelm the API, leading to service interruptions. This vulnerability underscores the importance of robust rate limiting to prevent potential abuse and maintain service availability.
Affected Version(s)
VMware Workspace ONE UEM console Workspace ONE UEM console 2105, 2102, 2011, 2008, 2005 & 2001