Information Disclosure Vulnerability in VMware Cloud Foundation
CVE-2025-41230

7.5HIGH

Key Information:

Vendor: Vmware
Status: Cloud Foundation
Vendor: CVE Published:; 20 May 2025

Badges

📰 News Worthy

What is CVE-2025-41230?

VMware Cloud Foundation has a vulnerability that allows a malicious actor with network access to port 443 to exploit it for information disclosure. This issue could enable unauthorized individuals to access sensitive information, potentially compromising security and privacy. It is crucial for users to ensure their systems are secured against unauthorized access and to implement recommended security measures.

Affected Version(s)

Cloud Foundation 5.x < 5.2.1.2

Cloud Foundation 4.5.x

News Articles

GBHackers News

CVE-2025-41229 CVE-2025-41230

Critical VMware Cloud Foundation Vulnerability Exposes Sensitive Data

Broadcom's VMware division has disclosed three significant security vulnerabilities in its Cloud Foundation platform.

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by GBHackers News
May 20, 2025
Vulnerability published
May 20, 2025
Vulnerability Reserved
Apr 16, 2025

Vmware

Badges

What is CVE-2025-41230?

Affected Version(s)

News Articles

Critical VMware Cloud Foundation Vulnerability Exposes Sensitive Data

References

CVSS V3.1

Timeline