Unrated severityNVD Advisory· Published Dec 17, 2025· Updated Dec 17, 2025

CVE-2025-67787

Description

An issue was discovered in 25.1.2 before 25.1.5. A Cross Site Scripting (XSS) issue in DriveLock Operations Center allows for session takeover over a network.

Affected products

DriveLock/DriveLock Operations Centerdescription
VMware/Vcenter Operationsllm-fuzzy
Range: >=25.1.2, <25.1.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drivelock.help/versions/current/web/en/releasenotes/Content/ReleaseNotes_DriveLock/SecurityBulletins/25-002-CrossSiteScripting.htmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000