Detections
Analytics
VMWare Cloud Foundation Multiple Vulnerabilities (VMSA-2025-0009)
high Nessus Plugin ID 237465
Synopsis
A hybrid cloud platform on the remote host is affected by multiple vulnerabilities.Description
The remote host is running a version of Cloud Foundation version 4.5.x or earlier than 4.5.2.0 with Hotpatch KB398008 or 5.x earlier than 5.2.1.2. It is, therefore, affected by multiple vulnerabilities:- A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services. (CVE-2025-41229)
- A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information. (CVE-2025-41230)
- A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information. (CVE-2025-41231)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to VMWare Cloud Foundation to version 4.5.2.0 with Hotpatch KB398008, 5.2.1.2, or later.See Also
Plugin Details
Severity: High
ID: 237465
File Name: vmware_cloud_foundation_vmsa-2025-0009.nasl
Version: 1.1
Type: local
Agent: windows
Family: Windows
Published: 5/29/2025
Updated: 5/29/2025
Configuration: Enable paranoid mode, Enable thorough checks (optional)
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.5
CVSS v2
Risk Factor: High
Base Score: 8.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:N
CVSS Score Source: CVE-2025-41229
CVSS v3
Risk Factor: High
Base Score: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Information
CPE: cpe:/a:mdaemon:mdaemon
Required KB Items: Settings/ParanoidReport, installed_sw/VMware Cloud Foundation
Patch Publication Date: 11/15/2024
Vulnerability Publication Date: 11/15/2024
Reference Information
CVE: CVE-2025-41229, CVE-2025-41230, CVE-2025-41231
IAVA: 2025-A-0366