CVE-2025-41229 | THREATINT

Description

VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-20 | Updated 2025-06-24 | Assigner vmware

HIGH: 8.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status

unaffected

5.x (custom) before 5.2.1.2

affected

4.5.x

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/25733

cve.org (CVE-2025-41229)

nvd.nist.gov (CVE-2025-41229)

Download JSON