Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration of internal network resources.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 12 Aug 2025 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Omnissa
Omnissa workspace One
Vendors & Products Omnissa
Omnissa workspace One

Mon, 11 Aug 2025 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-918
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 11 Aug 2025 18:30:00 +0000

Type Values Removed Values Added
Description Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration of internal network resources.
References
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Omnissa

Published:

Updated: 2025-08-11T18:41:08.281Z

Reserved: 2025-02-04T20:59:07.333Z

Link: CVE-2025-25229

cve-icon Vulnrichment

Updated: 2025-08-11T18:41:03.470Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-11T19:15:26.550

Modified: 2025-08-12T14:25:33.177

Link: CVE-2025-25229

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-12T11:46:58Z