CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2021-22054link is external Omnissa Workspace ONE Server-Side Request Forgery CVE-2025-26399link is external SolarWinds Web Help Desk Deserialization of...

Omnissa Workspace ONE UEM 安全漏洞

Omnissa Workspace ONE UEM is an endpoint management platform from Omnissa USA. A security vulnerability exists in Omnissa Workspace ONE UEM that stems from an observable response discrepancy that could cause a malicious actor to enumerate sensitive information such as tenant IDs and user accounts...

PT-2025-46681

Name of the Vulnerable Software and Affected Versions Omnissa Workspace ONE UEM affected versions not specified Description A discrepancy in observable responses exists in Omnissa Workspace ONE UEM. This could allow a malicious actor to enumerate sensitive information, including tenant ID and use...

CVE-2025-25229

Omnissa Workspace ONE UEM is affected by a Server-Side Request Forgery (SSRF) vulnerability (CVE-2025-25229). The issue could allow a user with privileges to access restricted internal information and enumerate internal network resources via API endpoints. The connected documents corroborate the ...

EUVD-2025-24160

Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests read-only to restricted API endpoints...

CVE-2025-25231

Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests read-only to restricted API endpoints...

CVE-2025-25231

CVE-2025-25231 affects Omnissa Workspace ONE UEM (VMware). The issue is a Secondary Context Path Traversal in restricted API endpoints that can disclose sensitive information via crafted GET requests (read-only). Sources describe a path traversal vulnerability leading to leakage of confidential d...

Omnissa Workspace ONE UEM 安全漏洞

Omnissa Workspace ONE UEM is an endpoint management platform from Omnissa USA. A security vulnerability exists in Omnissa Workspace ONE UEM that stems from secondary path traversal and could lead to the disclosure of sensitive information...

Omnissa Workspace ONE UEM 安全漏洞

Omnissa Workspace ONE UEM is an endpoint management platform from Omnissa USA. A security vulnerability exists in Omnissa Workspace ONE UEM that stems from server-side request forgery and could lead to internal network resource enumeration...