CVE-2025-22218

aria_operations_for_logs vulnerability - vmware

High CVSS Score: 8.5 Published: 2025-01-30

Description

VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs

Affected Systems

Vendor	vmware
Product	aria_operations_for_logs
Affected Versions	from 8.0 before 8.18.3; from 4.0 through 5.2
CWE ID	CWE-209

Mitigation

Apply the latest security patches from the vendor, restrict network exposure where applicable, and monitor for exploitation attempts.

Fix Instructions

Refer to the vendor advisory and apply the latest security updates. See references for detailed patching instructions.

References

https://support.broadcom.com/web/ecx/support-content-notific...

Risk Assessment

CVSS: 8.5/10

Exploit Available	Unknown
Patch Available	Yes

Need Help Patching?

Our security team can help assess and remediate this vulnerability in your environment.

Get Help

Stay Ahead of Threats

Subscribe to our vulnerability feed and get instant alerts when new CVEs affect your systems.

Start Monitoring