{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-41228", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2025-04-16T09:29:46.972Z", "datePublished": "2025-05-20T14:24:34.436Z", "dateUpdated": "2025-06-24T07:14:21.027Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "vCenter Server", "vendor": "VMware", "versions": [{"lessThan": "8.0 U3e", "status": "affected", "version": "8.0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Cloud Foundation", "vendor": "VMware", "versions": [{"status": "affected", "version": "5.x, 4.5.x"}]}, {"defaultStatus": "unaffected", "product": "Telco Cloud Platform", "vendor": "VMware", "versions": [{"status": "affected", "version": "5.x, 4.x, 3.x, 2.x"}]}, {"defaultStatus": "unaffected", "product": "Telco Cloud Infrastructure", "vendor": "VMware", "versions": [{"status": "affected", "version": "3.x,2.x"}]}, {"defaultStatus": "unaffected", "product": "ESXi", "vendor": "VMware", "versions": [{"lessThan": "ESXi80U3se-24659227", "status": "affected", "version": "8.0", "versionType": "custom"}, {"lessThan": "ESXi70U3sv-24723868", "status": "affected", "version": "7.0", "versionType": "custom"}]}], "datePublic": "2025-05-20T11:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.&nbsp;</span>A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.<span style=\"background-color: rgb(255, 255, 255);\"><br><br></span><br>"}], "value": "VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-24T07:14:21.027Z"}, "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "source": {"discovery": "UNKNOWN"}, "title": "VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-20T15:33:21.745022Z", "id": "CVE-2025-41228", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-20T15:33:37.635Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-41228", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-20T15:33:21.745022Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-20T15:33:31.176Z"}}], "cna": {"title": "VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "VMware", "product": "vCenter Server", "versions": [{"status": "affected", "version": "8.0", "lessThan": "8.0 U3e", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Cloud Foundation", "versions": [{"status": "affected", "version": "5.x, 4.5.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Telco Cloud Platform", "versions": [{"status": "affected", "version": "5.x, 4.x, 3.x, 2.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "Telco Cloud Infrastructure", "versions": [{"status": "affected", "version": "3.x,2.x"}], "defaultStatus": "unaffected"}, {"vendor": "VMware", "product": "ESXi", "versions": [{"status": "affected", "version": "8.0", "lessThan": "ESXi80U3se-24659227", "versionType": "custom"}, {"status": "affected", "version": "7.0", "lessThan": "ESXi70U3sv-24723868", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2025-05-20T11:30:00.000Z", "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.&nbsp;</span>A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.<span style=\"background-color: rgb(255, 255, 255);\"><br><br></span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2025-06-24T07:14:21.027Z"}}}, "cveMetadata": {"cveId": "CVE-2025-41228", "state": "PUBLISHED", "dateUpdated": "2025-06-24T07:14:21.027Z", "dateReserved": "2025-04-16T09:29:46.972Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2025-05-20T14:24:34.436Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites."}], "id": "CVE-2025-41228", "lastModified": "2025-05-21T20:25:16.407", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2025-05-20T15:16:07.943", "references": [{"source": "security@vmware.com", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@vmware.com", "type": "Secondary"}]}

{}

{"created": "2025-06-23T19:31:59.561093+00:00", "updated": "2025-06-23T19:31:59.561143+00:00", "vendors": ["vmware", "vmware$PRODUCT$esxi", "vmware$PRODUCT$vcenter_server"]}