Vulnerabilites related to vmware - nsx
Vulnerability from fkie_nvd
Published
2014-09-15 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | nsx | 6.0 | |
| vmware | nsx | 6.0.1 | |
| vmware | nsx | 6.0.2 | |
| vmware | nsx | 6.0.3 | |
| vmware | nsx | 6.0.4 | |
| vmware | nsx | 6.0.5 | |
| vmware | vcloud_networking_and_security | 5.1 | |
| vmware | vcloud_networking_and_security | 5.1.1 | |
| vmware | vcloud_networking_and_security | 5.1.2 | |
| vmware | vcloud_networking_and_security | 5.1.3 | |
| vmware | vcloud_networking_and_security | 5.1.4 | |
| vmware | vcloud_networking_and_security | 5.1.4.1 | |
| vmware | vcloud_networking_and_security | 5.5 | |
| vmware | vcloud_networking_and_security | 5.5.0a | |
| vmware | vcloud_networking_and_security | 5.5.1 | |
| vmware | vcloud_networking_and_security | 5.5.2 | |
| vmware | vcloud_networking_and_security | 5.5.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:nsx:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C54C78EC-80E9-4C43-9308-DA7AD6D6704A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:nsx:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF93BAE-35A6-446C-8039-0C691E4CDB38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:nsx:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B746CB6-0FD4-46E7-84D3-1B0C81351323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:nsx:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "94012F44-B707-4254-B83C-D8F9FF3FBA77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:nsx:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "46F8977D-79A8-4BB1-AD7E-84CD4EB162FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:nsx:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "25D21BCF-BCA4-4BC0-89F0-3CB927F4A4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "371F3A2F-4904-4A42-94A1-75F847444E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "521ECBAD-C1AC-4AEB-92E2-4FEA64FB21DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "890888E0-637E-45CF-87FA-540C7F182BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "994A1D41-D03F-484B-8249-F5E8F4B21868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2D7971A2-2380-4F7F-A946-47DB869E6005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BBD7A8D-B7B2-4B46-B7A8-22B80A42C5EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "250ED8DD-35BE-47BD-9C10-0362A1DCADD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.5.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "A051F828-41FD-4931-B7DC-F863D7E0310F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFEBA99-C2A9-46B8-A65F-B0E57D081D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D3A5D6-01B2-4A07-9DF2-2545192B8DFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcloud_networking_and_security:5.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55C2BFBD-50AE-4D30-BA72-51395EBAC584",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "VMware NSX 6.0 anterior a 6.0.6, y vCloud Networking and Security (vCNS) 5.1 anterior a 5.1.4.2 y 5.5 anterior a 5.5.3, no valida debidamente las entradas, lo que permite a atacantes obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-3796",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-09-15T14:55:11.603",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/59938"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030835"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95926"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-3796 (GCVE-0-2014-3796)
Vulnerability from cvelistv5
Published
2014-09-15 14:00
Modified
2024-08-06 10:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vmware.com/security/advisories/VMSA-2014-0009.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1030835 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/59938 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/95926 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:57:17.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html"
},
{
"name": "1030835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030835"
},
{
"name": "59938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59938"
},
{
"name": "vmware-vcns-cve20143796-info-disc(95926)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95926"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html"
},
{
"name": "1030835",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030835"
},
{
"name": "59938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59938"
},
{
"name": "vmware-vcns-cve20143796-info-disc(95926)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95926"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3796",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0009.html"
},
{
"name": "1030835",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030835"
},
{
"name": "59938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59938"
},
{
"name": "vmware-vcns-cve20143796-info-disc(95926)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95926"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3796",
"datePublished": "2014-09-15T14:00:00",
"dateReserved": "2014-05-20T00:00:00",
"dateUpdated": "2024-08-06T10:57:17.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41252 (GCVE-0-2025-41252)
Vulnerability from cvelistv5
Published
2025-09-29 19:02
Modified
2025-09-29 19:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-203 - Observable Discrepancy
Summary
Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially leading to unauthorized access attempts.
Impact: Username enumeration → facilitates unauthorized access.
Attack Vector: Remote, unauthenticated.
Severity: Important.
CVSSv3: 7.5 (High).
Acknowledgments: Reported by the National Security Agency.
Affected Products:
* VMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x
* NSX-T 3.x
* VMware Cloud Foundation (with NSX) 5.x, 4.5.x
Fixed Versions:
* NSX 9.0.1.0; 4.2.2.2/4.2.3.1 http://4.2.2.2/4.2.3.1 ; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287).
Workarounds: None.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T19:14:25.259914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T19:14:38.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NSX",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "VMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "VMware NSX-T 3.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "VMware Cloud Foundation (with NSX) 5.x, 4.5.x"
},
{
"status": "unaffected",
"version": "VMware NSX 9.0.1.0; 4.2.2.2/4.2.3.1; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003e\u003c/b\u003e\u003c/p\u003e\u003cp\u003eDescription: VMware NSX contains a username enumeration vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially leading to unauthorized access attempts.\u003c/p\u003e\n\u003cp\u003eImpact: Username enumeration \u2192 facilitates unauthorized access.\u003c/p\u003e\n\u003cp\u003eAttack Vector: Remote, unauthenticated.\u003c/p\u003e\n\u003cp\u003eSeverity: Important.\u003c/p\u003e\n\u003cp\u003eCVSSv3: 7.5 (High).\u003c/p\u003e\n\u003cp\u003eAcknowledgments: Reported by the National Security Agency.\u003c/p\u003e\n\u003cp\u003eAffected Products:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eVMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x\u003cbr\u003e\u003c/li\u003e\u003cli\u003eNSX-T 3.x\u003cbr\u003e\u003c/li\u003e\u003cli\u003eVMware Cloud Foundation (with NSX) 5.x, 4.5.x\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\n\u003cp\u003eFixed Versions:\u0026nbsp;\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eNSX 9.0.1.0; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://4.2.2.2/4.2.3.1\"\u003e4.2.2.2/4.2.3.1\u003c/a\u003e; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287).\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\u003cp\u003eWorkarounds: None.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially leading to unauthorized access attempts.\n\n\nImpact: Username enumeration \u2192 facilitates unauthorized access.\n\n\nAttack Vector: Remote, unauthenticated.\n\n\nSeverity: Important.\n\n\nCVSSv3: 7.5 (High).\n\n\nAcknowledgments: Reported by the National Security Agency.\n\n\nAffected Products:\n\n\n\n * VMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x\n\n * NSX-T 3.x\n\n * VMware Cloud Foundation (with NSX) 5.x, 4.5.x\n\n\n\n\n\n\n\n\n\n\n\n\nFixed Versions:\u00a0\n\n\n\n * NSX 9.0.1.0; 4.2.2.2/4.2.3.1 http://4.2.2.2/4.2.3.1 ; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287).\n\n\n\n\n\n\nWorkarounds: None."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T19:02:07.283Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Username enumeration vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41252",
"datePublished": "2025-09-29T19:02:07.283Z",
"dateReserved": "2025-04-16T09:30:25.625Z",
"dateUpdated": "2025-09-29T19:14:38.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41251 (GCVE-0-2025-41251)
Vulnerability from cvelistv5
Published
2025-09-29 18:45
Modified
2025-09-30 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-640 - Weak Password Recovery Mechanism for Forgotten Password
Summary
VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks.
Impact: Username enumeration → credential brute force risk.
Attack Vector: Remote, unauthenticated.
Severity: Important.
CVSSv3: 8.1 (High).
Acknowledgments: Reported by the National Security Agency.
Affected Products:VMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x
NSX-T 3.x
VMware Cloud Foundation (with NSX) 5.x, 4.5.x
Fixed Versions: NSX 9.0.1.0; 4.2.2.2/4.2.3.1 http://4.2.2.2/4.2.3.1 ; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287).
Workarounds: None.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T03:55:13.262Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NSX",
"vendor": "vmware",
"versions": [
{
"status": "affected",
"version": "VMware NSX - 9.x.x.x, 4.2.x, 4.1.x, 4.0.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "VMware NSX-T - 3.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "VMware Cloud Foundation (with NSX) - 5.x, 4.5.x",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "VMware NSX 9.0.1.0; 4.2.2.2/4.2.3.1; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287)",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-09-29T18:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks.\u003cbr\u003e\u003cb\u003e\u003cbr\u003eImpact:\u003c/b\u003e\u0026nbsp;Username enumeration \u2192 credential brute force risk.\u003cbr\u003e\u003cb\u003eAttack Vector:\u003c/b\u003e\u0026nbsp;Remote, unauthenticated.\u003cbr\u003e\u003cb\u003eSeverity:\u003c/b\u003e\u0026nbsp;Important.\u003cbr\u003e\u003cb\u003eCVSSv3:\u003c/b\u003e\u0026nbsp;8.1 (High).\u003cbr\u003e\u003cb\u003e\u003cbr\u003eAcknowledgments:\u003c/b\u003e\u0026nbsp;Reported by the National Security Agency.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAffected Products:\u003c/b\u003e\u003cp\u003eVMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x\u003c/p\u003eNSX-T 3.x\u003cbr\u003eVMware Cloud Foundation (with NSX) 5.x, 4.5.x\u003cbr\u003e\u003cbr\u003e\u003cb\u003eFixed Versions:\u003c/b\u003e NSX 9.0.1.0; \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://4.2.2.2/4.2.3.1\"\u003e4.2.2.2/4.2.3.1\u003c/a\u003e; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287).\u003cbr\u003e\u003cb\u003eWorkarounds:\u003c/b\u003e None.\u003cbr\u003e\u003cul\u003e\n\u003c/ul\u003e\n\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks.\n\nImpact:\u00a0Username enumeration \u2192 credential brute force risk.\nAttack Vector:\u00a0Remote, unauthenticated.\nSeverity:\u00a0Important.\nCVSSv3:\u00a08.1 (High).\n\nAcknowledgments:\u00a0Reported by the National Security Agency.\n\nAffected Products:VMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x\n\nNSX-T 3.x\nVMware Cloud Foundation (with NSX) 5.x, 4.5.x\n\nFixed Versions: NSX 9.0.1.0; 4.2.2.2/4.2.3.1 http://4.2.2.2/4.2.3.1 ; 4.1.2.7; NSX-T 3.2.4.3; CCF async patch (KB88287).\nWorkarounds: None."
}
],
"impacts": [
{
"capecId": "CAPEC-50",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-50 Password Recovery Exploitation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-640",
"description": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T18:45:16.614Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Weak password recovery vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41251",
"datePublished": "2025-09-29T18:45:16.614Z",
"dateReserved": "2025-04-16T09:30:25.625Z",
"dateUpdated": "2025-09-30T03:55:13.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}