
Broadcom has patched a series of significant vulnerabilities in VMware Aria Operations and Aria Operations for Logs. These flaws, if left unaddressed, could lead to privilege escalation and credential theft.
Details of the Vulnerabilities
Below is the list of vulnerabilities found in VMware Aria Operations and Aria Operations for Logs:
- CVE-2025-22218 (CVSS score: 8.5): An information disclosure vulnerability affecting Aria Operations for Logs. Attackers with View Only Admin permissions could potentially access the credentials of integrated VMware products.
- CVE-2025-22219 (CVSS score: 6.8): A stored cross-site scripting (XSS) vulnerability. This flaw allows attackers with non-admin rights to perform arbitrary actions with admin privileges.
- CVE-2025-22220 (CVSS score: 4.3): A privilege escalation vulnerability. Threat actors with network access to the Aria Operations for Logs API might execute tasks with administrative privileges.
- CVE-2025-22221 (CVSS score: 5.2): Another stored XSS issue. Admin-level attackers could inject harmful scripts, triggering execution during an Agent Configuration delete action.
- CVE-2025-22222 (CVSS score: 7.7): An information disclosure vulnerability. It allows non-admin users to extract plugin credentials, provided they hold a valid service credential ID.
These vulnerabilities affect VMware Aria Operations versions 8.x and VMware Cloud Foundation versions 5.x and 4.x. The issues have been resolved in VMware Aria Operations Version 8.18.3.
Discovery and Reporting
The vulnerabilities were initially discovered by security teams from Michelin CERT and Abicom, including researchers such as Maxime Escourbiac, Yassine Bengana, and Quentin Ebel. Notably, Broadcom has clarified that no known exploits of these vulnerabilities have been observed in the field.