AI description
CVE-2025-25231 is a secondary context path traversal vulnerability found in Omnissa Workspace ONE UEM. A malicious actor could exploit this vulnerability to gain access to sensitive information. This vulnerability can be exploited by sending crafted GET requests to restricted API endpoints. These requests are read-only.
- Description
- Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests (read-only) to restricted API endpoints.
- Source
- de5a6978-88fe-4c27-a7df-d0d5b52d5b52
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- Hype score
- Not currently trending
Earlier this year, our Security Research team discovered a high-risk secondary context path traversal issue in Omnissa Workspace One UEM (CVE-2025-25231). We also developed a chain to RCE on instances in the wild. You can read our detailed research here: https://t.co/p3j7V0nbC4
@assetnote
3 Sept 2025
2404 Impressions
11 Retweets
54 Likes
21 Bookmarks
1 Reply
0 Quotes
My favourite finding from @SLCyberSec's Security Research team in 2025 so far is a secondary context path traversal in Omnissa Workspace One UEM (CVE-2025-25231). Really interesting bug, and fun kill chain to RCE. https://t.co/UoIVm2DazJ
@infosec_au
3 Sept 2025
8290 Impressions
40 Retweets
169 Likes
90 Bookmarks
4 Replies
0 Quotes
CVE-2025-25231 (CVSS:7.5, HIGH) is Awaiting Analysis. Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to ga..https://t.co/PSEfJXtyVU #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
16 Aug 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Omnissa has identified high-severity vulnerabilities (CVE-2025-25229, CVE-2025-25231) in Omnissa Workspace ONE UEM (On-Premises). Patches are available. Affected organizations are strongly encouraged to update as soon as possible. Read the full advisory: https://t.co/D59q1Pl9wd h
@FerroqueSystems
11 Aug 2025
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25231 Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending … https://t.co/y4ifUzY7XD
@CVEnew
11 Aug 2025
296 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-25231 Secondary Context Path Traversal Vulnerability in Omnissa Workspace ONE UEM https://t.co/V0crCs2DOu
@VulmonFeeds
11 Aug 2025
62 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes