Vulnerability Details CVE-2025-25234
Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. A malicious actor with network access to UAG may be able to bypass administrator-configured CORS restrictions to gain access to sensitive networks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.5%
CVSS Severity
CVSS v3 Score 7.1
References
Products affected by CVE-2025-25234
-
cpe:2.3:a:omnissa:unified_access_gateway:2111
-
cpe:2.3:a:omnissa:unified_access_gateway:2111.1
-
cpe:2.3:a:omnissa:unified_access_gateway:2111.2
-
cpe:2.3:a:omnissa:unified_access_gateway:2203
-
cpe:2.3:a:omnissa:unified_access_gateway:2203.1
-
cpe:2.3:a:omnissa:unified_access_gateway:2207
-
cpe:2.3:a:omnissa:unified_access_gateway:2207.1
-
cpe:2.3:a:omnissa:unified_access_gateway:2209
-
cpe:2.3:a:omnissa:unified_access_gateway:2209.1
-
cpe:2.3:a:omnissa:unified_access_gateway:2209.2
-
cpe:2.3:a:omnissa:unified_access_gateway:2212
-
cpe:2.3:a:omnissa:unified_access_gateway:2303
-
cpe:2.3:a:omnissa:unified_access_gateway:2306
-
cpe:2.3:a:omnissa:unified_access_gateway:2306.1
-
cpe:2.3:a:omnissa:unified_access_gateway:2309
-
cpe:2.3:a:omnissa:unified_access_gateway:2312
-
cpe:2.3:a:omnissa:unified_access_gateway:2406
-
cpe:2.3:a:omnissa:unified_access_gateway:2412