Vulnerability in Omnissa Workspace One Uem
CVE-2025-25236
Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious actor may be able to enumerate sensitive information such as tenant ID and user accounts that could facilitate brute-force, password-spraying…
EPSS: 0.002 (11.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Omnissa Workspace One Uem — versions Omnissa Workspace ONE UEM version prior to 24.10.0.25, Omnissa Workspace ONE UEM version prior to 24.6.0.44, Omnissa Workspace ONE UEM version prior to 24.2.0.36
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2025-25236?
- CVE-2025-25236 is a medium-severity vulnerability in Omnissa Workspace One Uem, classified under Observable Response Discrepancy. CVSS score: 5.3/10. Published 2025-11-12.
- How severe is CVE-2025-25236?
- Medium severity. CVSS v3 base score is 5.3 out of 10.