CVE-2025-25235HIGH 8.6EPSS p19.1%

CVE-2025-25235CVE-2025-25235

Description

Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG) in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks.

Scoring

CVSS 3.18.6 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS0.28% probability of exploitation · percentile 19.1% · 2026-06-19T12:03:05Z
Published2025-08-11
Last modified2026-04-15

Underlying weaknesses· 1

CWE-918

References

  1. https://www.omnissa.com/omsa-2025-0003/

1

TypeTargetConfidenceTier
WeaknessServer-Side Request Forgery (SSRF)cwe-9180%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Omnissa Workspace ONE Server-Side Request Forgery
CVE
CVE-2026-26137
CVE
CVE-2026-45503
CVE
CVE-2026-45502
CVE
CVE-2025-21177
CVE
CVE-2026-45504
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.