June 30, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Cisco Webex Vulnerabilities
May 22, 2025Multiple Adobe Dimension and Substance3D Vulnerabilities
May 22, 2025Multiple Cisco Webex Vulnerabilities
May 22, 2025Multiple Adobe Dimension and Substance3D Vulnerabilities
May 22, 2025
Severity
High
Analysis Summary
CVE-2025-41229 CVSS:8.2
VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services.
CVE-2025-41230 CVSS:7.5
VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information.
CVE-2025-41231 CVSS:7.3
VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2025-41229
CVE-2025-41230
CVE-2025-41231
Affected Vendors
VMware
Affected Products
- VMware Cloud Foundation - 5.x
- VMware Cloud Foundation - 4.5.x
Remediation
Refer to VMware Security Advisory for patch, upgrade, or suggested workaround information.