CVE-2025-25234

High CVSS: 7.1

Omnissa UAG contains a Cross-Origin Resource Sharing (CORS) bypass vulnerability. A malicious actor with network access to UAG may be able to bypass administrator-configured CORS restrictions to gain access to sensitive networks.

Vendor

Omnissa

Product

Unified Access Gateway

CWE

CWE-942

Yayın Tarihi

2025-04-17 15:15:54

Güncelleme

2025-04-21 18:35:58

Source Identifier

de5a6978-88fe-4c27-a7df-d0d5b52d5b52

KEV Date Added

Kategoriler

CWE-942 Unified Access Gateway HIGH Omnissa 2025

Referanslar

https://static.omnissa.com/sites/default/files/OMSA-2025-0002.pdf https://www.omnissa.com/omnissa-security-response/