CVE-2025-41230 | THREATINT

Description

VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information.

PUBLISHED Reserved 2025-04-16 | Published 2025-05-20 | Updated 2025-06-24 | Assigner vmware

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Product status

Default status

unaffected

5.x (custom) before 5.2.1.2

affected

4.5.x

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/25733

cve.org (CVE-2025-41230)

nvd.nist.gov (CVE-2025-41230)

Download JSON