
Broadcom fixed information disclosure flaws in VMware Aria Operations

  • January 31, 2025
  • 0 replies
  • 5 views

Jasper_The_Rasper
Moderator

January 31, 2025, by Pierluigi Paganini

Broadcom patched five flaws in VMware Aria Operations and Aria Operations for Logs that could lead to privilege escalation and credential theft.

Broadcom addressed the following vulnerabilities in VMware Aria Operations and Aria Operations for Logs:

  • CVE-2025-22218 (CVSS score: 8.5) is an information disclosure vulnerability in VMware Aria Operations for Logs. A threat actor with View Only Admin permissions could exploit the issue to read the credentials of a VMware product integrated with VMware Aria Operations for Logs.
  • CVE-2025-22219 (CVSS score: 6.8) is a stored cross-site scripting vulnerability. An attacker with non-admin privileges could exploit a stored XSS vulnerability to execute arbitrary actions as an admin user.
  • CVE-2025-22220 (CVSS score: 4.3) is a privilege escalation vulnerability. A threat actor with network access to the Aria Operations for Logs API could exploit a vulnerability to execute actions with admin privileges.
  • CVE-2025-22221 (CVSS score: 5.2) is a stored cross-site scripting vulnerability. An attacker with admin privileges in VMware Aria Operations for Logs could inject a malicious script, which may execute in a victim's browser during an Agent Configuration delete action.
  • CVE-2025-22222 (CVSS score: 7.7) is an information disclosure vulnerability. A malicious user with non-administrative privileges could exploit this issue to retrieve credentials for an outbound plugin if a valid service credential ID is known.


>>Full Article<<