Primary

Context

Omnissa Unified Access Gateway CORS Bypass Vulnerability

Vulnerability

Patched

A Cross-Origin Resource Sharing (CORS) bypass vulnerability has been identified in Omnissa Unified Access Gateway (UAG) version 25.03. This vulnerability allows a malicious actor with network access to UAG to bypass administrator-configured CORS restrictions, potentially gaining access to sensitive networks.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive networks by bypassing CORS restrictions.

Remediation

To address this vulnerability, users should update to Omnissa UAG version 25.03.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Omnissa Unified Access Gateway CORS Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Omnissa Unified Access Gateway

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating