Omnissa Workspace One Uem vulnerabilities
3 known vulnerabilities affecting omnissa/omnissa_workspace_one_uem.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-25231P1HIGHCVSS 7.5ExploitedPoCvOmnissa Workspace ONE UEM version 24.10.0.10 or earliervOmnissa Workspace ONE UEM version 24.6.0.34 or earlier+2 more2025-08-11
CVE-2025-25231 [HIGH] CWE-22 CVE-2025-25231: Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious act
Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests (read-only) to restricted API endpoints.
nvd
CVE-2025-25229P4MEDIUMCVSS 5.4vOmnissa Workspace ONE UEM version 24.10.0.10 or earliervOmnissa Workspace ONE UEM version 24.6.0.34 or earlier+2 more2025-08-11
CVE-2025-25229 [MEDIUM] CWE-918 CVE-2025-25229: Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious a
Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration of internal network resources.
nvd
CVE-2025-25236P4MEDIUMCVSS 5.3vOmnissa Workspace ONE UEM version prior to 24.10.0.25vOmnissa Workspace ONE UEM version prior to 24.6.0.44+1 more2025-11-12
CVE-2025-25236 [MEDIUM] CWE-204 CVE-2025-25236: Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious act
Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious actor may be able to enumerate sensitive information such as tenant ID and user accounts that could facilitate brute-force, password-spraying or credential-stuffing attacks.
nvd