CNNVD-202509-4378 Information
CNNVD ID
CNNVD-202509-4378
Related CVE
- CNNVD Published: 2025-09-29
Description (Chinese)
VMware Cloud Foundation和VMware NSX都是美国威睿(VMware)公司的产品。VMware Cloud Foundation是一套一体化混合云平台。该平台包括运维自动化、基础架构自动配置和集成式生命周期管理等功能。VMware NSX是一个完整的 L2-L7 网络和安全虚拟化平台。为虚机提供了虚拟化的网络,把虚机和物理网络相隔离,做到了网络服务与具体的物理网络设备无关,使得用户在网络设备的选择和采购上有着更大的灵活性。 VMware Cloud Foundation和VMware NSX安全漏洞,该漏洞源于密码恢复机制薄弱,可能导致用户名枚举和暴力破解攻击。
Description (English)
VMware Cloud Foundation and VMware NSX are products of VMware. VMware Cloud Foundation is an integrated, hybrid cloud platform. The platform includes functionality such as operational automation, automatic configuration of the infrastructure and integrated life-cycle management. VMware NSX is a complete L2-L7 network and secure virtual platform. The virtualization of the network is provided, the separation of the network from the physical network, and the fact that the network service is not related to specific physical network equipment allows users greater flexibility in the selection and procurement of network equipment. VMware Cloud Foundation and VMware NSX security breach, which stems from weak password restoration mechanisms, may lead to user naming and violent break-up attacks.
Hazard Level
Medium
Affected Vendor
威睿
Published
2025-09-29
Last Modified
2026-02-24