Information Disclosure Vulnerability in VMware Cloud Foundation
CVE-2025-41230

7.5HIGH

Key Information:

Vendor

VMware

Vendor
CVE Published:
20 May 2025

What is CVE-2025-41230?

VMware Cloud Foundation has a vulnerability that allows a malicious actor with network access to port 443 to exploit it for information disclosure. This issue could enable unauthorized individuals to access sensitive information, potentially compromising security and privacy. It is crucial for users to ensure their systems are secured against unauthorized access and to implement recommended security measures.

Affected Version(s)

VMware Cloud Foundation 5.x < 5.2.1.2

VMware Cloud Foundation 4.5.x

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
The Cyber Security Vulnerability Database.