VMware has released security updates addressing multiple vulnerabilities in its Aria Operations and Aria Operations for Logs products. The patches close flaws that could otherwise let a malicious actor with limited or no administrative rights obtain administrator-level access.
Understanding the Vulnerabilities
The most serious of the issues are two information disclosure vulnerabilities, CVE-2025-22218 and CVE-2025-22222. Both expose stored credentials to a user who should not be able to read them, and an attacker can use those credentials to elevate their privileges.
Key Vulnerability Details
- CVE-2025-22218: Affects Aria Operations for Logs. A user holding only the 'View Only Admin' role can exploit this issue to read the credentials of an integrated VMware product. It carries a CVSSv3 base score of 8.5 out of 10.
- CVE-2025-22222: Affects Aria Operations. A user with non-administrative privileges can retrieve the credentials of an outbound plugin, provided they know a valid service credential ID.
Alongside these, VMware also fixed moderate-severity stored cross-site scripting (XSS) vulnerabilities. A non-admin user could store a malicious script that later runs in an administrator's browser session, so the attacker's actions are carried out with the administrator's privileges.
Patching Imperatives
A further fixed vulnerability is a broken access control flaw in Aria Operations for Logs: a non-admin user with network access to the appliance could abuse it to perform admin-level operations.
VMware strongly recommends applying the patches, as no workarounds are available. Affected deployments should be updated to Aria Operations for Logs 8.18.3 and Aria Operations 8.18.3. The advisory summarized here does not say so, but because the two credential-disclosure flaws leak stored secrets to low-privileged users, rotating the integration and outbound-plugin credentials after patching is a sensible follow-up wherever such users existed before the update.
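Checking a fleet against the fixed versions above is a simple task that is easy to get wrong: a naive string comparison ranks "8.9.0" above "8.18.3". The script below is an added example, not VMware code; the inventory is constructed sample data, the hostnames are hypothetical, and the assumption that appliances report a dotted version optionally followed by a build suffix is the author's, not something the advisory states.

```python
"""Flag VMware Aria appliances still running a build below the fixed version.

Added example; not VMware code. Inventory below is constructed sample data.
"""
from __future__ import annotations

import re

# Fixed versions named in the advisory summarized above.
FIXED_VERSIONS = {
    "Aria Operations": "8.18.3",
    "Aria Operations for Logs": "8.18.3",
}

# Constructed sample inventory: (hostname, product, reported version).
SAMPLE_INVENTORY = [
    ("ops-01.example.internal", "Aria Operations", "8.18.3"),
    ("ops-02.example.internal", "Aria Operations", "8.18.2"),
    ("logs-01.example.internal", "Aria Operations for Logs", "8.18.3"),
    ("logs-02.example.internal", "Aria Operations for Logs", "8.16.1"),
    ("logs-03.example.internal", "Aria Operations for Logs", "8.18.10"),
]


def parse_version(v: str) -> tuple[int, ...]:
    """Turn '8.18.3' into a tuple of ints that compares numerically.

    An optional build suffix such as '8.18.3-24521765' is assumed and ignored.
    Plain string comparison is wrong here: '8.9.0' > '8.18.3' lexically.
    """
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:[-+].*)?", v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_patched(product: str, version: str) -> bool:
    """True if the reported version is at or above the fixed version for the product."""
    fixed = FIXED_VERSIONS.get(product)
    if fixed is None:
        raise KeyError(f"no fixed version known for {product!r}")
    return parse_version(version) >= parse_version(fixed)


def find_unpatched(inventory):
    """Return the (host, product, version) entries that still need the update."""
    return [
        (host, product, version)
        for host, product, version in inventory
        if not is_patched(product, version)
    ]


if __name__ == "__main__":
    for host, product, version in find_unpatched(SAMPLE_INVENTORY):
        print(f"UNPATCHED {host}: {product} {version} < {FIXED_VERSIONS[product]}")
```

Feed it whatever your asset inventory exports; the only part that must match your environment is the version string format accepted by parse_version.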