Primary

Context

VMware vCenter Denial-of-Service Vulnerability

Vulnerability

Patched

A denial-of-service vulnerability has been identified in VMware vCenter. This issue allows an authenticated actor with permission to make API calls for guest operating system customization to create a denial-of-service condition.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing affected vCenter services to become unavailable or unresponsive.

Remediation

Users can upgrade to VMware vCenter versions 8.0 U3g or 7.0 U3v. VMware Cloud Foundation users should refer to the VMware Cloud Foundation Patching Guide: KB88287. VMware Telco Cloud Platform and Telco Cloud Infrastructure users can consult KB405542 for patching instructions.

Added: Jul 29, 2025, 1:30 PM

Updated: Jul 29, 2025, 2:29 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

2.5

exploitability

4.9

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

VMware vCenter Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

VMware vCenter

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating