CNNVD-202509-4385 Information

CNNVD ID

CNNVD-202509-4385

Related CVE

CVE-2025-41250

• CNNVD Published: 2025-09-29

Description (Chinese)

VMware vCenter是美国威睿（VMware）公司的一款虚拟化管理软件。 VMware vCenter存在安全漏洞，该漏洞源于SMTP标头注入，可能导致操纵计划任务的通知邮件。

Description (English)

VMware vCenter is a virtual management software for VMware. VMware vCenter has a security loophole, which originates from the injection of SMTP markers, which may result in the manipulation of the planned mission ’ s notification mail.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

威睿

Published

2025-09-29

Last Modified

2026-02-24

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150 https://vigilance.fr/vulnerability/VMware-vCenter-Server-spoofing-via-SMTP-Header-Injection-48341

Patch

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36150