Denial-of-service vulnerability_CVE-2025-41241

4.4 / 10

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

Description

VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition.

Basic Information

ID CVE-2025-41241

Source vmware

Published Jul 29, 2025 at 12:25

Modified Jul 29, 2025 at 13:24

Affected Product

Vendor VMware

Product vCenter

Version 8.0

Affected Versions VMware vCenter 8.0
VMware vCenter 7.0
VMware Cloud Foundation 5.x, 4.5.x
VMware Telco Cloud Platform 5.x, 2.x
VMware Telco Cloud Infrastructure 2.x

CWE Classification

CWE-754

References

support.broadcom.com /web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35964

{
    "lastseen": "",
    "description": "VMware vCenter contains a denial-of-service vulnerability.\u00a0A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition.",
    "published": "2025-07-29T12:25:55.706Z",
    "modified": "2025-07-29T13:24:08.243Z",
    "type": "cve",
    "title": "Denial-of-service vulnerability",
    "source": "vmware",
    "references": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35964",
    "id": "CVE-2025-41241",
    "bulletinFamily": "",
    "cwe": [
        "CWE-754"
    ],
    "cvelist": null,
    "sourceData": "VMware vCenter 8.0\nVMware vCenter 7.0\nVMware Cloud Foundation 5.x, 4.5.x\nVMware Telco Cloud Platform 5.x, 2.x\nVMware Telco Cloud Infrastructure 2.x",
    "sourceHref": "",
    "cvss": {
        "score": 4.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "vCenter",
    "version": "8.0",
    "vendor": "VMware",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}