CNNVD-202509-4377 Information
CNNVD ID
CNNVD-202509-4377
Related CVE
- CNNVD Published: 2025-09-29
Description (Chinese)
VMware Cloud Foundation和VMware NSX都是美国威睿(VMware)公司的产品。VMware Cloud Foundation是一套一体化混合云平台。该平台包括运维自动化、基础架构自动配置和集成式生命周期管理等功能。VMware NSX是一个完整的 L2-L7 网络和安全虚拟化平台。为虚机提供了虚拟化的网络,把虚机和物理网络相隔离,做到了网络服务与具体的物理网络设备无关,使得用户在网络设备的选择和采购上有着更大的灵活性。 VMware Cloud Foundation和VMware NSX存在安全漏洞,该漏洞源于用户名枚举漏洞,可能导致未经授权的访问尝试。
Description (English)
VMware Cloud Foundation and VMware NSX are products of VMware. VMware Cloud Foundation is an integrated, hybrid cloud platform. The platform includes functionality such as operational automation, automatic configuration of the infrastructure and integrated life-cycle management. VMware NSX is a complete L2-L7 network and secure virtual platform. The virtualization of the network is provided, the separation of the network from the physical network, and the fact that the network service is not related to specific physical network equipment allows users greater flexibility in the selection and procurement of network equipment. There is a security loophole in VMware Cloud Foundation and VMware NSX, which stems from a user-name gap that may lead to unauthorized access attempts.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
威睿
Published
2025-09-29
Last Modified
2026-02-24
References
Patch
https://https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150
Share on: