CVE-2025-41251
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-09-29
Assigner: VMware
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| vmware | nsx | 4.1 |
| vmware | nsx | 4.2 |
| vmware | cloud_foundation | 5.x |
| vmware | nsx | 9.x |
| vmware | cloud_foundation | 4.5 |
| vmware | nsx | 4.0 |
| vmware | nsx-t | 3.x |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-640 | The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in VMware NSX involves a weak password recovery mechanism that allows an unauthenticated attacker to enumerate valid usernames. By identifying valid usernames, the attacker can then attempt brute-force attacks to guess passwords and gain unauthorized access.
How can this vulnerability impact me? :
The vulnerability can lead to username enumeration, which increases the risk of credential brute-force attacks. This can result in unauthorized access to systems, potentially compromising confidentiality, integrity, and availability of data and services.
What immediate steps should I take to mitigate this vulnerability?
Apply the fixed versions of the affected VMware NSX products as soon as possible. The fixed versions include NSX 9.0.1.0; 4.2.2.2/4.2.3.1; 4.1.2.7; NSX-T 3.2.4.3; and the CCF async patch (KB88287). There are no workarounds available, so patching is the primary mitigation.