
Fixing the server-side request forgery (SSRF) vulnerability

December 22, 2021 / Unisys Corporation

The situation with VMware Workspace ONE portfolio products

Note: This article will focus solely on VMware's response to the impacted Workspace ONE portfolio products.

On 16 December 2021, a new vulnerability was discovered in the Workspace ONE UEM console, which is hosted on the Microsoft Internet Information Services (IIS) web server.

The vulnerability has been published by the Common Vulnerabilities and Exposures (CVE) project as CVE-2021-22054 and has been assigned a CVSS risk score of 9.1.

What is this SSRF vulnerability?

A malicious actor with network access to UEM can send their requests to IIS without authentication and may exploit this issue to gain access to sensitive information.

VMware response

On 16 December 2021, in response to the SSRF vulnerability, VMware published a security advisory for its impacted products.

Below is a list of impacted Workspace ONE consoles:

Impacted version > Fixed version

  • 2109 > Workspace ONE UEM patch 21.9.0.13 and above
  • 2105 > Workspace ONE UEM patch 21.5.0.37 and above
  • 2102 > Workspace ONE UEM patch 21.2.0.27 and above
  • 2101 > Workspace ONE UEM patch 21.1.0.27 and above
  • 2011 > Workspace ONE UEM patch 20.11.0.40 and above
  • 2010 > Workspace ONE UEM patch 20.10.0.23 and above
  • 2008 > Workspace ONE UEM patch 20.8.0.36 and above
  • 2007 > Workspace ONE UEM patch 20.7.0.17 and above

Note: This vulnerability does not impact Workspace ONE Access and Unified Access Gateway as these products are NOT based on IIS.
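To check an inventory of on-premises consoles against the table above, the following added example (not code from VMware or the original article) compares installed builds numerically against the listed fixed patch levels. It assumes installed versions are reported as four-part dotted strings such as 21.9.0.5; the host names and inventory entries are constructed.

```python
# Minimum fixed build per release branch, copied from the table above.
# Key: (major, minor) of the branch, e.g. 2109 -> (21, 9).
FIXED = {
    (21, 9): (21, 9, 0, 13),
    (21, 5): (21, 5, 0, 37),
    (21, 2): (21, 2, 0, 27),
    (21, 1): (21, 1, 0, 27),
    (20, 11): (20, 11, 0, 40),
    (20, 10): (20, 10, 0, 23),
    (20, 8): (20, 8, 0, 36),
    (20, 7): (20, 7, 0, 17),
}


def parse_version(text):
    """Parse '21.9.0.5' into (21, 9, 0, 5); raise ValueError otherwise."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def classify(version_text):
    """Return 'patched', 'vulnerable', 'not-listed' or 'unparseable'."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unparseable"
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # Branch is absent from the table; the article makes no claim about it.
        return "not-listed"
    # Tuple comparison is numeric, so 0.5 sorts below 0.13 (a string
    # comparison would get this wrong).
    return "patched" if version >= fixed else "vulnerable"


def triage(inventory):
    """Group (hostname, version) pairs by status for follow-up."""
    result = {}
    for host, version_text in inventory:
        result.setdefault(classify(version_text), []).append(host)
    return result


# Constructed sample inventory (hypothetical host names and builds).
SAMPLE = [("cn-01", "21.9.0.5"), ("ds-01", "21.9.0.13"),
          ("cn-02", "20.11.0.39"), ("ds-02", "19.7.0.1"), ("cn-03", "2109")]

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE).items()):
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as not-listed or unparseable need manual review against the vendor advisory rather than being treated as safe.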

What solution can be applied?

Option 1:

Deploy the patch associated with the supported version of Workspace ONE UEM that your on-premises environment is on. You can find more details here.

Option 2:

This workaround can be applied as a short-term mitigation for on-premises environments that are not currently on the patched version:

  1. Identify all Windows servers with the UEM console application installed in the environment (e.g., Device Services Server, Console Services Server).
  2. Get administrator-level access to the server using Microsoft Remote Desktop or physical access.
  3. Patch the UEM config file using a text editor.

More details on how to implement this workaround can be found here.

Impact of workaround changes

  • The application icons will not display on console screens when searching for public applications.
  • IIS reset will log out any administrators logged into the server being patched.
  • There will be no impact on managed devices.

Note: The VMware cloud operations team will implement this fix for all SaaS environments, so these workarounds are only temporary until VMware releases a patch.

Learn more about how Unisys can help you manage and secure all enterprise devices with Modern Device Management.