CVE-2025-25229

Medium CVSS 5.4

Overview

Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration of internal network resources.

CWE: CWE-918 Published: 2025-08-11T19:15:26.550

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.4 (MEDIUM)
Detected tags: ssrf (tag impact: MODERATE)

Recommended actions:

Deny access to internal/metadata addresses; use outbound allowlists.

Overview

Recommended tools

Tags