Launched in October 2022, vSphere 8 revolutionized hardware utilization through the Distributed Services Engine for DPUs and the vSAN Express Storage Architecture (ESA). Subsequent updates focused on operational improvements, such as „Configuration Profiles“ and enhanced lifecycle management, culminating in Update 3 with optimizations for AI workloads. Parallel to this, VMware Cloud Foundation (VCF) 5 was released, utilizing vSphere 8 as its technological core and integrating it with vSAN and NSX into a comprehensive solution. VCF 5 successively adopted innovations like vSAN ESA to provide them centrally and automatically via the SDDC Manager. Together, these products form a powerful cloud platform, but the architectural shifts introduce new levels of complexity. Using unsupported software carries significant risks. Security vulnerabilities remain unpatched, making systems more susceptible to attacks and there are no further technical updates or support available. This can result in data loss, system outages and potentially high costs due to cyberattacks or legal implications. Upgrading to VCF 9 is not only an investment in the future but also a safeguard against the risks posed by outdated software.
KB Articles
Some new and updated KB articles
Subject
ID
NSX preparation failed on ESXi host due to associated stale logical ports to the host
424917
No alarm raised for Tier-0 or Tier-1 gateway failover after Edge vMotion.
Curious about VMware Explore in 2026? Join our community of Explore Insiders and be first in line to get the new announcements on VMware Explore events. Get fresh content, member perks, and the latest intel. Become an Insider today.
The virtualization landscape is evolving—and so are the threats and technologies that shape it. Join Austin Gadient, CTO and Cofounder of Vali Cyber, for a forward-looking exploration of how virtualization security will continue transforming in 2026. Drawing from industry research and real-world defense data, Austin will discuss emerging trends in hypervisor protection, AI workload isolation, and compliance-driven security models. Attendees will gain a clear view of where the market is heading, what challenges to expect, and how to build resilient, preemptive defense strategies for virtualization environments.
After environment shutdown and restart: vSphere DRS functionality was impacted due to unhealthy state vSphere Cluster services caused by the unavailability of vSphere Cluster Service VMs.
417645
ERROR: ‚LCMVROPSSYSTEM29002′, message:’VMware Aria Operations collector group operation failure‘ while performing inventory sync on Aria Suite LCM.
VMUG Connect is expanding! In 2026, we’re delivering more of what you love: deeper technical dives, richer discussions, and powerful in-person connections to five locations. This is where progress is powered by community, and where VMware professionals around the globe come together to drive what’s next.
Over the years, we’ve had many customers looking for visibility into more advanced ESXi Host and VM properties (beyond those already being captured by VCF Operations), so we started there. Broadcom Technical Account Manager Onur Yuzseven has been leading the development effort of a Management Pack for VCF Operations called the VCF Operations vCommunity Management Pack.
If you’re looking at the calendar and thinking ‘I didn’t do enough this year,’ you might feel it’s too late to start contributing to the community. It’s never too late to become a vExpert, and let me explain. If you start today on one or some of the activities described later in this article, you can still build a strong application for the 2026 vExpert program. For example, writing 3 to 5 well-written, in-depth articles on how to do memory tiering, or telling your story how moving back to on-prem reduced your IT spend, shows a significant commitment to the community.
Deploying NVIDIA Run:ai on VCF empowers enterprises to build scalable, secure, and efficient AI platforms. Whether starting fresh or enhancing existing deployments with VKS, customers gain flexibility, performance, and the enterprise-grade features they depend on. VCF allows your enterprise to focus on accelerating AI development and ROI, not on the low-level, high-risk business of building and managing infrastructure. It provides the automated, resilient, and secure foundation that production AI workloads demand, letting NVIDIA Run:ai do what it does best – maximize GPU utilization.
For troubleshooting purposes, users may need to access the ESXi Direct Console User Interface (DCUI), either remotely through an out-of-band system like an iDRAC or iLO, or directly from the physical server.
Over the last couple of months, various new vSAN features were announced. Two of those features are around the Stretched Cluster configuration, and have probably been the number 1 feature request for a few years. Now that we have Site Takeover and Site Maintenance functionality available, I am starting to get some questions about the impact of them, and in particular, the Site Takeover functionality is raising some questions.
Broadcom’s VMware Cloud Foundation (VCF) certifications are designed to prepare IT professionals to build and manage modern private cloud environments using VMware technologies. These certifications validate both theoretical knowledge and hands-on skills across the VMware vSphere Foundation and the broader VMware Cloud Foundation stack, including Compute, Network, Storage, Automation, and Kubernetes. With role-based paths for administrators, architects, and support professionals, VMware Cloud Foundation certifications help I.T. pros stay competitive and aligned with evolving private cloud infrastructure trends.
Impact of the fix for 『ESXi fails to boot on systems with more than 512 logical CPUs in one NUMA node』
412076
„A general system error occurred: Image is not valid. Software Solution com.vmware.vsphere-wcp with version 9.0.1.##.#.#-######## cannot be found in depot“, Image authoring in vLCM may fail even when the corresponding depots are imported into vLCM
Join us for a special 2-hour Architect’s Edge Live AMA (Ask Me Anything) + Expert Panel, built to turn uncertainty into clarity. You’ll get:Live answers to your toughest adoption questions — no scripts, no fluff.Insights from specialists who have navigated greenfield, brownfield, and hybrid approaches.Real-world examples showing how organizations overcame perceived. blockers in areas like storage choice, NSX integration, operational security, and multi-site scale.Practical tips to avoid hidden pitfalls and accelerate time-to-value.Christopher Kusek | William Lam | John Nicholson | Bob Plankers | Chris McCain | Brock Peterson | Jon Schulz | Vincent Riccio | Victoria Gimma | Hersey Cartwright | Moe Ziaee | Eric Gray | Steve Ngo | Renee White | Shawn Kelly | Plus other special guest panelists!
This month’s edition is packed with updates, milestones, and urgency — and yes, we deliberately held off on publishing until today so we could bring you the fresh news of VCF 9.0.1 and Aria 8.18.5 hot off the press.
Good news: The VMware Explore 2025 in Las Vegas Video Library is now open for all! Tap into a discovery powerhouse with on-demand sessions anytime, on-demand.
Whilst Microsoft SQL Server is still in technical preview in Data Services Manager 9.0.1, our team continues to release significant enhancements for our customers as we gravitate towards full support. As I mentioned in the DSM 9.0.1 overview post, this release includes the ability to specify […]
With the release of VMware Cloud Foundation (VCF) 9.0, a new architectural construct has been introduced called a VCF Fleet. This brings centralized fleet management and provides modern workload consumption across multiple VCF instances, all managed through a single deployment of VCF Automation [..]
The General Session from VMware Explore 2025 in Las Vegas The General Session from VMware Explore 2025 in Las Vegas showcases exciting new advancements in private cloud, AI and app delivery. Hear directly from Broadcom leaders, VMware experts and trailblazing customers as they share real-world insights on how to better run, scale and secure your enterprise workloads.
The General Session from VMware Explore 2025 in Las Vegas The General Session from VMware Explore 2025 in Las Vegas showcases exciting new advancements in private cloud, AI and app delivery. Hear directly from Broadcom leaders, VMware experts and trailblazing customers as they share real-world insights on how to better run, scale and secure your enterprise workloads.
Missed the general session with Hock Tan and other leaders? Watch the replay. 🎥
Office Recap from the VMware Blog
Day 1
Day 1 of VMware Explore 2025 in Las Vegas kicked off with visionary keynotes, unveiling bold strategies and the latest innovations shaping the future of multi‑cloud. 140 sessions across all four tracks, endless hallway conversations, and a few “just one more coffee” moments with the community to keep the pace. [Read more] | [Youtube]
Day 2
This morning’s general session was one of the major highlights of the week, with Broadcom leaders, VMware experts, and innovative customers showcasing the latest in private cloud, AI, and app delivery. The key message? VMware Cloud Foundation (VCF) 9.0 is designed to help enterprises optimize, scale, and secure workloads in today’s complex cloud environment. [Read more] | [Youtube]
Day 3
Day 3 Highlights ranged from the thrilling Odyssey Tournament to certifications, letting participants experience innovation firsthand. Today brought an action-packed schedule with 56 breakout sessions, 17 Booth Theater sessions, 18 Meet the Expert Roundtables, 16 Quick Talks, and 13 Hands-on Labs Expert-led Workshops. Add in the 40 demos held at the VMware by Broadcom booth this week, and attendees had no shortage of opportunities to expand their skills, test new features, and connect with experts. [Read more] [Youtube]
Day 4
Day 4 wrapped up VMware Explore 2025 in Las Vegas with over 400 sessions, hands‑on labs, and expert talks showcasing the future of private AI and VMware Cloud Foundation 9.0. Attendees connected, earned certifications, and explored innovations across cloud, AI, networking, and security. The momentum continues with Explore on Tour bringing curated content and labs to cities worldwide. [Read more]
Post-Event Recap
That’s a wrap on VMwareExplore 2025 in Las Vegas. 400+ sessions, endless innovation, and a community that keeps growing stronger.
VMware Explore 2025 Live Recap with Six Five on The Road with Hock Tan und Paul Turner
At VMware Explore 2025, host Daniel Newman, CEO and Chief Analyst at The Futurum Group, is joined by Broadcom’s Hock Tan, President and CEO, for a conversation on the highlights from his general session keynote. This session focuses on how VMware Cloud Foundation 9.0 is influencing enterprises both large and small, and how it is unifying IT practitioners and developers by addressing and eliminating the “three points of friction.”
He also joined by Broadcom’s Paul Turner, Vice President, VCF Products, for a conversation on customer momentum around VMware Cloud Foundation (VCF) and how Broadcom is influencing the next generation of private clouds by providing infrastructure at the speed of the developer, enabling Private AI as a Service, and advancing cyber resilient data strategies.
At VMware Explore 2025, Broadcom announced VMware Private AI Services will become a standard component of VMware Cloud Foundation 9.0, making VCF an AI native platform. With VCF 9.0 now generally available, customers can adopt a unified, AI native platform for secure, modern private cloud infrastructure at scale. More about Private AI:Foundations of Private AI – Episode 1 – IntroductionNew Innovations from Broadcom with NVIDIAExciting News for Private AI at VMware Explore 2025Introducing VCF Intelligent AssistNew VCF Private AI Services FeaturesNew Integrations with NVIDIA and AMD
The new VCF Advanced Cyber Compliance service delivers continuous compliance enforcement, automated cyber recovery, and enhanced platform security — tackling threats from ransomware to AI‑specific attack surfaces. Upgrades to VMware vDefend and Avi Load Balancer add Zero Trust protections for AI workloads, advanced threat detection, post‑quantum cryptography, and stronger web‑level defenses, simplifying security while closing critical gaps. More about vDefend: Exploring VMware Cloud Foundation: VMware vDefend (Webinar Serie) Explore Sessions: Demystifying VMware vDefend Distributed Security Within VMware Cloud Foundation [NSLB1076LV]Security Reference Design for VMware Cloud Foundation [NSLB1836LV]VMware vDefend Distributed Firewall Operational Overview [NSLB1623LV]Building Secure Private AI Deep Dive [INVB1432LV] More about AVI Load Balancer: Explore Sessions: Avi Load Balancer integration with VCF 9: Driving Private Cloud to New Heights [NSLB1723LV]Self-Service Automation with VMware Avi Load Balancer [NSLB1194LV]
We introduced VMware Tanzu Data Intelligence and Tanzu Platform 10.3 at VMware Explore 2025, delivering a unified, AI‑ready data lakehouse and enhanced application platform for faster, more secure GenAI innovation. Tanzu Data Intelligence offers low‑latency, multimodal data access with built‑in governance, vector search, and real‑time analytics to power next‑gen AI apps. Tanzu Platform 10.3 adds advanced fleet management, transparent security dashboards, AI model controls, and modernization tools — helping enterprises accelerate AI adoption while keeping costs predictable≠≠ More about Tanzu Data IntelligenceUnify Your Data to Accelerate AI Application Delivery with Tanzu Data IntelligenceTanzu Data Intelligence Features More about Tanzu Platform 10.3Powering the Next Generation of AI Applications with Tanzu Platform 10.3
VMware Good2Know is back! After a few weeks of vacation and a mountain of to-dos, the VMware newsletter returns with fresh updates, insights, and tips to keep you in the loop. Stay tuned for what’s new and noteworthy in the VMware universe.
VMware Explore
Las Vegas
Can’t attend in person? Our live broadcast will take you there. Don’t miss the general session streaming live on Tuesday, August 26 from 9:00 – 10:00 AM PDT. Get notified when we go live. Sign up for the VMware Explore Insider newsletter for live broadcast reminders, video library updates, future event announcements, and more. Recordings from Explore 2025 in Las Vegas will be released on Wednesday, October 1. Add to Calender | Join Insider
Aria Operations for Networks 6.14.0 shows GUI Error „Time Range exceed data retention period of 15 days. Please select a different time range“ when running GUI queries
408341
Storage vMotion failed for VM with error „Error caused by file /vmfs/volumes/<datastore_UUID>/VM-FOLDER/<VM_NAME>.vmdk“
Although still very useful, the ESXi 8.0U3c release dates back to 12 December 2024 while the latest version (at the moment of writing) is ESXi 8.0U3g from 29 July 2025. See [KB316595 – Build numbers and versions of VMware ESXi/ESX]. This means additional time and work to upgrade each host after deployment. Now wouldn’t it be cool to have the latest ESXi version available as OVA file? If your answer is yes, then this post is for you! With the heavy lifting already done by William and a bit of help from my engineering colleague Jianguo Guo I managed to create Nested OVAs for ESXi 8.0U3g and ESX 9.0
The VMware Hands-on Labs portal is currently offline as our team is at VMware Explore Las Vegas to bring the labs experience live to the event.If you are at Explore, come visit us in the Hands-on Labs room and try the latest labs in person. We can’t wait to see you there!The Hands-on Labs portal will be back online August 29, 2025.A new batch of labs will be available starting the week of September 1, 2025Thanks for your patience and support—we’re excited to share the next wave of labs with you!— The Hands-on Labs Team
Getting VCF 9 right is about more than just racking servers and running an installer. It’s about designing for the future state of your business, aligning your operational model, and making sure the technology serves your people, not the other way around. That’s exactly where the Broadcom Knights come in.If your goal is to make VCF 9 the foundation for a modern, secure, and scalable private cloud, having a Knight on your side isn’t just helpful, it’s the smart move. Here is how to find the Knight for you: Go Here
Get ready for VMware Explore 2025 in Las Vegas! In this episode of Virtually Speaking, hosts Pete Flecha and John Nicholson are joined by Brad Tompkins, Executive Director of VMUG, to preview what attendees can expect at this year’s event. They cover:The latest technical sessions and free certification opportunities for full pass holdersVMUG activities, including their booth (#105), member reception at Wakuta, and exclusive VMUG Advantage discount (15% off with code Explore2025) for home lab access to VCF, vDefend, and Avi Load BalancerPete’s upcoming session on private cloud repatriation and the Virtually Speaking podcast booth, where they’ll be interviewing expertsThe power of community connections, customer-to-PM feedback, and the all-important “hallway track”Fun highlights like the party at the Palazzo pool deck featuring the Honey Buckets.
Brad Tompkins comes on the show to talk about VMUG at Explore, the Reception, Sessions, Booth and the all important Advantage discount. Also don’t forget your VCP certification for your home lab licenses.
I am happy about the announcement that VMware Cloud Foundation 9.0 is generally available from today. There are countless changes with this release. I will go into some of them myself in the coming days, but I would like to share an overview with you for the first step. From my personal point of view, these links are very valuable for getting an initial overview of VCF 9.
CVE(s) – VMware Cloud Foundation Directory Traversal Vulnerability (CVE-2025-41229) – VMware Cloud Foundation Information Disclosure Vulnerability (CVE-2025-41230) – VMware Cloud Foundation Missing Authorisation Vulnerability (CVE-2025-41231)
Description CVE-2025-41229: VMware Cloud Foundation contains a directory traversal vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.2. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services. To remediate CVE-2025-41229 apply the updates listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below to affected deployments. VMware would like to thank Gustavo Bonito of NATO Cyber Security Centre (NCSC) for reporting this issue to us. CVE-2025-41230: VMware Cloud Foundation contains an information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information. To remediate CVE-2025-41230 apply the updates listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below to affected deployments. VMware would like to thank Gustavo Bonito of NATO Cyber Security Centre (NCSC) for reporting this issue to us. CVE-2025-41231: VMware Cloud Foundation contains a missing authorisation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.3. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information. To remediate CVE-2025-41231 apply the updates listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below to affected deployments. VMware would like to thank Gustavo Bonito of NATO Cyber Security Centre (NCSC) for reporting this issue to us.
CVE(s) – VMware vCenter Server authenticated command-execution vulnerability (CVE-2025-41225) – Guest Operations Denial-of-Service Vulnerability (CVE-2025-41226) – Denial-of-Service Vulnerability (CVE-2025-41227) – VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability (CVE-2025-41228)
Description CVE-2025-41225: The vCenter Server contains an authenticated command-execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server. To remediate CVE-2025-41225 apply the updates listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below to affected deployments. VMware would like to thank Oliver Bachtik and Bert De Bruijn for reporting this issue to us. CVE-2025-41226: VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.8. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.To remediate CVE-2025-41226 apply the updates listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below to affected deployments. VMware would like to thank security researcher Tom Jøran Sønstebyseter Rønning (@L1v1ng0ffTh3L4N) of Statnett (Norway) and Uros Orozel for independently reporting this issue to us. CVE-2025-41227: VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.5. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition. To remediate CVE-2025-41227 apply the updates listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below to affected deployments. VMware would like to thank the National Security Agency for reporting this issue to us. CVE-2025-41228: VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites. To remediate CVE-2025-41228 apply the updates listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below to affected deployments. VMware would like to thank Huang for reporting this issue to us.
Join us for Podcast #727 as we dive into the City of Fort Lauderdale’s VMware Modernization Project with CIO Tamecka McKay and SME & Division Manager Derek Richardson. They’ll share how they’re transforming IT infrastructure, managing large-scale modernization efforts, and overcoming challenges along the way. Plus, we’ll explore Tamecka’s VMUG journey, how community involvement has shaped careers, and her insights from VMware Explore. Don’t miss this episode packed with real-world lessons and expert insights!
You’ve already got the tools—now it’s time to unlock their full potential. Join VMware by Broadcom’s own Bryan Sullins for a lively, myth-busting session exploring the modern VKS. We’ll unpack what’s changed, what’s possible, and how to take advantage of features […]
If you’re already using PowerCLI, you know it’s a powerhouse for automating routine tasks. But you might not know it can unlock advanced operations. These operations are nearly impossible to achieve through the sphere UI alone. PowerCLI: More Than Meets the Eye At VMware, we […]
Are you still using spreadsheets to plan capacity in your Virtual infrastructure? One key requirement when delivering a modern and robust private cloud is to always ensure sufficient capacity for running the apps that grow the business. Unlike Public Clouds, private clouds do not have endless resources, so the ability to manage, monitor, and forecast capacity is critical to success. In this session, learn how VCF Operations can support not only driving a capacity-efficient private cloud but also forecast capacity growth and, ultimately, get rid of those spreadsheets!Speaker: Christopher Lewis. Lead Solutions Architect, VCF Specialist UK&I
Norwegian Public Roads Administration (Statens vegvesen) is the government agency responsible for national and county public roads in Norway. Its remit includes the construction and maintenance of the road network, as well as vehicle inspection, driver training and road safety. With a vision to create a more intelligent, safe and connected transportation ecosystem, the agency wanted to modernize its IT infrastructure to support innovative initiatives like intelligent transport systems and expanded public data access.
Interview: Ketil Bårdsnes (Team Leader for Central Infrastructure NPRA) – Youtube
It is VERY important to understand that VMware/Broadcom does NOT certify hardware and I/O devices, which is still a common miss-conception and/or FUD being thrown out in the community. Our OEM partners ultimately decide which devices to certify for each release and they may choose NOT to re-certify devices for a number of reasons including earlier end-of-sales and end-of-life support. This is not unique to VCF 9.0 and it is not unique pre or post-acquisition of VMware.
NSX Installation on an ESXi Host fails with an error „Failed to install software on host. Host <IP> not reachable. java.rmi.RemoteException: VI SDK invoke exception:javax.net.ssl.SSLHandshakeException: CRL check failed“
Last month, I was invited over to the London VMware User Group (VMUG) to talk about Data Services Manager version 2.2. I was joined by our local business development lead, Scott Lindsay. We were fortunate enough to have our session recorded at the event, so if you would like to watch the video, it is shared below. Kudos to Gareth Edwards for all of the AV work once again.
VMware Cloud Foundation (VCF) delivers a modern, automated infrastructure. A vital, but frequently neglected, element of its operation is enabling password rotations. The svc-nsx-vc-fqdn service account within the vCenter Server SSO domain and SDDC Manager. This account is critical for NSX or LCM functionality and integration between solutions, and its failure – typically due to an expired or incorrect password – can cause significant disruption to your VCF environment. This post will highlight the importance of svc-nsx-vc-fqdn, explain the impact of a failed account, and provide proactive measures to ensure its ongoing health and prevent costly outages.
As shared back in April, the VMware Fling downloads will be migrating to the Free Downloads section within the Broadcom Support Portal (BSP) and this transition has just completed over the weekend. Going forward, any net new or updated VMware Flings will be published on the BSP.
An an insecure file handling vulnerability in VMware Tools was privately reported to VMware. Updates are available to remediate this vulnerability in the affected VMware products. VMware Tools contains an insecure file handling vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.1. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. To remediate CVE-2025-22247 apply the patches listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ found below.
VMware would like to thank Sergey Bliznyuk of Positive Technologies for reporting this issue to us.
DOM based Cross-site scripting(XSS) vulnerability (CVE-2025-22249)
Description
A DOM based Cross-Site Scripting (XSS) vulnerability in VMware Aria Automation was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.2.
A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL. To remediate CVE-2025-22249, apply the patches listed in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below.
VMware would like to thank Bartosz Reginiak for reporting this issue to us.
Kubernetes is everywhere these days. Organizations are using Kubernetes to build and run modern apps. VCF is a single platform for containers and VMs with built-in VMware vSphere Kubernetes Service (VKS), a CNCF-certified, upstream-conformant Kubernetes runtime, for organizations to run modern containerized applications alongside traditional VMs on the same infrastructure. Join this session to learn how VCF makes it easy to run modern and traditional workloads side by side and enables cloud admin teams and platform teams to collaborate so much better.
You’ve already got the tools—now it’s time to unlock their full potential.Join VMware by Broadcom’s own Bryan Sullins for a lively, myth-busting session exploring the modern vSphere Kubernetes Service (VKS). We’ll unpack what’s changed, what’s possible, and how to take advantage of features you may not even know you have. Whether you’re a longtime vSphere admin or just Kubernetes-curious, you’ll walk away with a clearer understanding of how VKS fits into your environment—and why it’s more relevant than ever. No fluff. No steep learning curve. Just practical insights to help you activate what’s already there. If you think you know VKS… think again. It’s a new day for vSphere + Kubernetes—and it starts right here.
Explore is extending across the globe as 1 to 1.5 day events that will highlight the top content and insights from Explore in Las Vegas. Each event will include a curated subset of sessions and Hands-on Labs, a meetings program, and networking opportunities. Check back on this page for registration updates and more information coming soon.
Mumbai
09/16-17
Venue Coming Soon
London
09/17-18
Hilton London Metropole
Paris
10/15-16
Maison de la Mutualité
Sydney
10/22
Sofitel Sydney Wentworth
Tokyo *1
10/29
Grand Hyatt Tokyo
Frankfurt
11/12-13
Sheraton Frankfurt Airport Hotel & Conference Center
Kubernetes is everywhere these days. Organizations are using Kubernetes to build and run modern apps. VCF is a single platform for containers and VMs with built-in VMware vSphere Kubernetes Service (VKS), a CNCF-certified, upstream-conformant Kubernetes runtime, for organizations to run modern containerized applications alongside traditional VMs on the same infrastructure. Join this session to learn how VCF makes it easy to run modern and traditional workloads side by side and enables cloud admin teams and platform teams to collaborate so much better.
Hi there, My name is Marcel, I’ve been a Technical Account Manager at VMware since 2018. I am also a father of 3 wonderful children and in the short moments when I have time, I use it to write about VMware or my Smarthome. I am glad that you have found your way here and I hope that I could help you with my blog post.
