Vmware Nsx vulnerabilities
3 known vulnerabilities affecting vmware/nsx.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-41251HIGHCVSS 8.1vVMware NSX - 9.x.x.x, 4.2.x, 4.1.x, 4.0.xvVMware NSX-T - 3.x+1 more2025-09-29
CVE-2025-41251 [HIGH] CWE-640 CVE-2025-41251: VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious a
VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks.
Impact: Username enumeration → credential brute force risk.
Attack Vector: Remote, unauthenticated.
Severity: Important.
CVSSv3: 8.1 (High).
Acknowledgments:
cvelistv5nvd
CVE-2025-41252HIGHCVSS 7.5vVMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.xvVMware NSX-T 3.x+1 more2025-09-29
CVE-2025-41252 [HIGH] CWE-203 CVE-2025-41252: Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated malicious
Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially leading to unauthorized access attempts.
Impact: Username enumeration → facilitates unauthorized access.
Attack Vector: Remote, unauthenticated.
Severity: Important.
CVSSv3: 7.5 (Hi
cvelistv5nvd
CVE-2014-3796MEDIUMCVSS 5.0v6.0v6.0.1+4 more2014-09-15
CVE-2014-3796 [MEDIUM] CWE-20 CVE-2014-3796: VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 be
VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors.
nvd