VMSA-2025-0009 : VMware Cloud Foundation updates address multiple vulnerabilities (CVE-2025-41229, CVE-2025-41230, CVE-2025-41231)
20 May 2025
Advisory ID: | VMSA-2025-0009
---|---
Advisory Severity: | Important
CVSSv3 Range: | 7.3-8.2
Synopsis: | VMware Cloud Foundation updates address multiple vulnerabilities (CVE-2025-41229, CVE-2025-41230, CVE-2025-41231)
Issue date: | 2025-05-20
Updated on: | 2025-05-20 (Initial Advisory)
CVE(s): | CVE-2025-41229, CVE-2025-41230, CVE-2025-41231
1. Impacted Products
- VMware Cloud Foundation
2. Introduction
Multiple vulnerabilities in VMware Cloud Foundation were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
3a. VMware Cloud Foundation Directory Traversal Vulnerability (CVE-2025-41229)
Description:
VMware Cloud Foundation contains a directory traversal vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.2.
Known Attack Vectors:
A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services.
Resolution:
To remediate CVE-2025-41229, apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds:
None.
Additional Documentation:
None.
Acknowledgments:
VMware would like to thank Gustavo Bonito of NATO Cyber Security Centre (NCSC) for reporting this issue to us.
Notes:
None.
3b. VMware Cloud Foundation Information Disclosure Vulnerability (CVE-2025-41230)
Description:
VMware Cloud Foundation contains an information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.
Known Attack Vectors:
A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information.
Resolution:
To remediate CVE-2025-41230, apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds:
None.
Additional Documentation:
None.
Acknowledgments:
VMware would like to thank Gustavo Bonito of NATO Cyber Security Centre (NCSC) for reporting this issue to us.
Notes:
None.
3c. VMware Cloud Foundation Missing Authorisation Vulnerability (CVE-2025-41231)
Description:
VMware Cloud Foundation contains a missing authorisation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.3.
Known Attack Vectors:
A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.
Resolution:
To remediate CVE-2025-41231, apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below to affected deployments.
Workarounds:
None.
Additional Documentation:
None.
Acknowledgments:
VMware would like to thank Gustavo Bonito of NATO Cyber Security Centre (NCSC) for reporting this issue to us.
Notes:
None.
Response Matrix:
VMware Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation
---|---|---|---|---|---|---|---|---
VMware Cloud Foundation | 5.x | Any | CVE-2025-41229, CVE-2025-41230, CVE-2025-41231 | 8.2, 7.5, 7.3 | Important | 5.2.1.2 | None | None
VMware Cloud Foundation | 4.5.x | Any | CVE-2025-41229, CVE-2025-41230, CVE-2025-41231 | 8.2, 7.5, 7.3 | Important | KB398008 | None | None
4. References:
Fixed Version(s) and Release Notes:
VMware Cloud Foundation 5.2.1.2
Downloads and Documentation:
https://techdocs.broadcom.com/us/en/vmware-cis/vcf/vcf-5-2-and-earlier/5-2/vcf-release-notes/vmware-cloud-foundation-521-release-notes.html#GUID-bea9c4f4-f376-4a63-9787-114a8b767ed2-en_id-bbdf8909-3085-4c41-b287-0461e71b2e07
Mitre CVE Dictionary Links:
https://www.cve.org/CVERecord?id=CVE-2025-41229
https://www.cve.org/CVERecord?id=CVE-2025-41230
https://www.cve.org/CVERecord?id=CVE-2025-41231
FIRST CVSSv3 Calculator:
CVE-2025-41229: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
CVE-2025-41230: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2025-41231: https://www.first.org/cvss/calculator/3-1#CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
5. Change Log:
2025-05-20 VMSA-2025-0009
Initial security advisory.
6. Contact:
E-mail: [email protected]
PGP key
https://knowledge.broadcom.com/external/article/321551
VMware Security Advisories
https://www.broadcom.com/support/vmware-security-advisories
VMware External Vulnerability Response and Remediation Policy
https://www.broadcom.com/support/vmware-services/security-response
VMware Lifecycle Support Phases
https://support.broadcom.com/group/ecx/productlifecycle
VMware Security Blog
https://blogs.vmware.com/security
X
https://x.com/VMwareSRC
Copyright 2025 Broadcom. All rights reserved.