CVE-2025-25236

Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious actor may be able to enumerate sensitive information such as tenant ID and user accounts that could facilitate brute-force, password-spraying or credential-stuffing attacks...

CVE-2025-25236

Omnissa Workspace ONE UEM (affected families: 24.2.x before 24.2.0.36, 24.6.x before 24.6.0.44, or 24.10.x before 24.10.0.25) contains an observable response discrepancy vulnerability (CVE-2025-25236). The issue may allow enumeration of sensitive data such as tenant IDs and user accounts, enablin...

PT-2025-46681

Name of the Vulnerable Software and Affected Versions Omnissa Workspace ONE UEM affected versions not specified Description A discrepancy in observable responses exists in Omnissa Workspace ONE UEM. This could allow a malicious actor to enumerate sensitive information, including tenant ID and use...

Vulnerabilities fixed in Omnissa Workspace ONE UEM

Omnissa has fixed vulnerabilities in Omnissa Workspace ONE UEM. The vulnerabilities are located in the API endpoints of Omnissa Workspace ONE UEM. The first vulnerability allows malicious parties to gain unauthorized access to sensitive information using the Path Traversal technique. This can lea...

CVE-2025-25229

Omnissa Workspace ONE UEM contains a Server-Side Request Forgery SSRF Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration of internal network resources...

Exploit for CVE-2025-25231

CVE-2025-25231 Nuclei Template این تمپلیت برای ابزار Nuclei...

CVE-2025-25231

Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests read-only to restricted API endpoints...

VulnCheck KEV: CVE-2021-22054

Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery SSRF vulnerability that could allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information...

CVE-2024-22260

VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information exposure...

The vulnerability of the Unified Management Console for VMware Workspace ONE UEM endpoints involves redirecting URLs to an unreliable website, allowing attackers to escalate their privileges.

The vulnerability of the Unified Management Console for VMware Workspace ONE UEM involves redirecting the URL to an unreliable website. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

CVE-2023-20886

VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user...

CVE-2023-20886

VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user...

PT-2023-6684 · Vmware · Vmware Workspace One Uem

Name of the Vulnerable Software and Affected Versions: VMware Workspace ONE UEM affected versions not specified Description: The issue is related to an open redirect vulnerability in the VMware Workspace ONE UEM console. This vulnerability can be exploited by a malicious actor to redirect a victi...

Exploit for Server-Side Request Forgery in Vmware Workspace_One_Uem_Console

CVE-2021-22054 Generate SSRF payloads References https:/...

CVE-2021-22054

VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to...

CVE-2021-22054

VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to...

VMware Releases Security Advisory

VMware has released a security advisory to address a vulnerability in Workspace ONE UEM console. An attacker could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0029 and apply the necessary...

Vulnerability fixed in VMware Workspace ONE UEM

VMware has fixed a vulnerability in Workspace ONE UEM. A unauthenticated malicious person could exploit this vulnerability to perform a same-site request forgery SSRF attack and thereby gain access to sensitive data. For successful exploitation requires network access to the Workspace ONE UEM...

PT-2021-6848

Name of the Vulnerable Software and Affected Versions VMware Workspace ONE UEM versions 20.0.8 through 20.0.8.37 VMware Workspace ONE UEM versions 20.11.0 through 20.11.0.40 VMware Workspace ONE UEM versions 21.2.0 through 21.2.0.27 VMware Workspace ONE UEM versions 21.5.0 through 21.5.0.37...

CVE-2021-22029

VMware Workspace ONE UEM REST API contains a denial of service vulnerability. A malicious actor with access to /API/system/admins/session could cause an API denial of service due to improper rate limiting...