{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-41228", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2025-04-16T09:29:46.972Z", "datePublished": "2025-05-20T14:24:34.436Z", "dateUpdated": "2025-06-24T07:14:21.027Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "vCenter Server", "vendor": "VMware", "versions": [{"lessThan": "8.0 U3e", "status": "affected", "version": "8.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Cloud Foundation", "vendor": "VMware", "versions": [{"status": "affected", "version": "5.x, 4.5.x"}]}, {"defaultStatus": "unaffected", "product": "Telco Cloud Platform", "vendor": "VMware", "versions": [{"status": "affected", "version": "5.x, 4.x, 3.x, 2.x"}]}, {"defaultStatus": "unaffected", "product": "Telco Cloud Infrastructure", "vendor": "VMware", "versions": [{"status": "affected", "version": "3.x,2.x"}]}, {"defaultStatus": "unaffected", "product": "ESXi", "vendor": "VMware", "versions": [{"lessThan": "ESXi80U3se-24659227", "status": "affected", "version": "8.0", "versionType": "custom"}, {"lessThan": "ESXi70U3sv-24723868", "status": "affected", "version": "7.0", "versionType": "custom"}]}], "datePublic": "2025-05-20T11:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.&nbsp;</span>A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.<span style=\"background-color: rgb(255, 255, 255);\"><br><br></span><br>"}], "value": "VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-24T07:14:21.027Z"}, "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "source": {"discovery": "UNKNOWN"}, "title": "VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-20T15:33:21.745022Z", "id": "CVE-2025-41228", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-20T15:33:37.635Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-41228", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-20T15:33:21.745022Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-20T15:33:31.176Z"}}], "cna": {"title": "VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "VMware", "product": "vCenter Server", "versions": [{"status": "affected", "version": "8.0", "lessThan": "8.0 U3e", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Cloud Foundation", "versions": [{"status": "affected", "version": "5.x, 4.5.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Telco Cloud Platform", "versions": [{"status": "affected", "version": "5.x, 4.x, 3.x, 2.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Telco Cloud Infrastructure", "versions": [{"status": "affected", "version": "3.x,2.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "ESXi", "versions": [{"status": "affected", "version": "8.0", "lessThan": "ESXi80U3se-24659227", "versionType": "custom"}, {"status": "affected", "version": "7.0", "lessThan": "ESXi70U3sv-24723868", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2025-05-20T11:30:00.000Z", "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.&nbsp;</span>A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.<span style=\"background-color: rgb(255, 255, 255);\"><br><br></span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-24T07:14:21.027Z"}}}, "cveMetadata": {"cveId": "CVE-2025-41228", "state": "PUBLISHED", "dateUpdated": "2025-06-24T07:14:21.027Z", "dateReserved": "2025-04-16T09:29:46.972Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2025-05-20T14:24:34.436Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites."}, {"lang": "es", "value": "VMware ESXi y vCenter Server presentan una vulnerabilidad de cross-site scripting reflejado debido a una validaci\u00f3n de entrada incorrecta. Un agente malicioso con acceso de red a la p\u00e1gina de inicio de sesi\u00f3n de ciertas rutas URL del host ESXi o vCenter Server podr\u00eda aprovechar este problema para robar cookies o redirigir a sitios web maliciosos."}], "id": "CVE-2025-41228", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2025-05-20T15:16:07.943", "references": [{"source": "security@vmware.com", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@vmware.com", "type": "Secondary"}]}

{}

{"created": "2025-06-23T19:31:59.561093+00:00", "updated": "2025-06-23T19:31:59.561143+00:00", "vendors": ["vmware", "vmware$PRODUCT$esxi", "vmware$PRODUCT$vcenter_server"]}