VMware Aria Operations Flaw Exploited with Low Privileges
Introduction
A recently disclosed vulnerability in VMware Aria Operations, a solution for infrastructure monitoring, performance optimization, capacity planning, automation, and cost management, has been identified as a significant threat. The vulnerability, CVE-2025-22222, allows a malicious user with non-administrative privileges to retrieve credentials for an outbound plugin if a valid service credential ID is known.
The Vulnerability
The flaw carries a CVSS score of 7.7/10 and, like a previous bug in the product, requires only low privileges to exploit. Broadcom, the vendor, has issued an advisory stating that a malicious user with non-administrative privileges can exploit this vulnerability.
Impact
The vulnerability affects VMware Aria Operations for Logs version 8.x, VMware Aria Operations version 8.x, and VCF (VMware Cloud Foundation) versions 5.x and 4.x. If left unpatched, this flaw could lead to serious consequences, including unauthorized access to sensitive information.
Patch Availability
The vulnerability has been fixed in VMware Aria Operations v8.18.3 and VMware Aria Operations for Logs v8.18.3. Users are advised to follow KB92148 for fixing affected VCF environments.
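The fixed builds above are the only concrete check the advisory gives, so the following is an added triage script (not code from Broadcom, VMware or the advisory) that walks an inventory and flags Aria Operations and Aria Operations for Logs appliances older than 8.18.3, while routing VCF entries to KB92148 rather than guessing a build number for them. The product labels, the inventory records and the host names are all constructed for the example; the one thing it deliberately gets right that a naive string comparison gets wrong is that "8.18.10" is newer than "8.18.3".

```python
from typing import Dict, List, Tuple

# Fixed versions stated in the advisory for the two Aria products.
# VCF has no single fixed build here; the advisory points to KB92148 instead.
FIXED_VERSIONS = {
    "aria-operations": "8.18.3",
    "aria-operations-for-logs": "8.18.3",
}


def parse_version(version: str) -> Tuple[int, int, int]:
    """Turn '8.18.3' into (8, 18, 3) so comparison is numeric, not lexicographic.

    Missing trailing components are padded with 0, so '8.18' compares as 8.18.0.
    Anything non-numeric is rejected rather than silently treated as patched.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts) or len(parts) > 3:
        raise ValueError(f"unparseable version string: {version!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def is_affected(product: str, version: str) -> bool:
    """True when an 8.x build of the product is older than its fixed version."""
    if product not in FIXED_VERSIONS:
        raise KeyError(f"no fixed version known for {product!r}")
    installed = parse_version(version)
    fixed = parse_version(FIXED_VERSIONS[product])
    # The advisory scopes the flaw to the 8.x line; other major versions are
    # out of scope for this check and are reported as not affected.
    if installed[0] != fixed[0]:
        return False
    return installed < fixed


def triage(inventory: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """Split an inventory into 'patch', 'ok' and 'manual' buckets.

    'manual' holds VCF hosts, which need the KB92148 procedure rather than a
    simple version comparison.
    """
    result: Dict[str, List[str]] = {"patch": [], "ok": [], "manual": []}
    for host in inventory:
        name, product, version = host["name"], host["product"], host["version"]
        if product == "vcf":
            result["manual"].append(f"{name}: VCF {version}, follow KB92148")
        elif is_affected(product, version):
            target = FIXED_VERSIONS[product]
            result["patch"].append(f"{name}: {product} {version} -> {target}")
        else:
            result["ok"].append(f"{name}: {product} {version}")
    return result


# Constructed sample inventory; these are not real hosts.
SAMPLE_INVENTORY = [
    {"name": "ops-01", "product": "aria-operations", "version": "8.18.2"},
    {"name": "ops-02", "product": "aria-operations", "version": "8.18.10"},
    {"name": "logs-01", "product": "aria-operations-for-logs", "version": "8.16.0"},
    {"name": "vcf-01", "product": "vcf", "version": "5.2"},
]

if __name__ == "__main__":
    for bucket, entries in triage(SAMPLE_INVENTORY).items():
        for entry in entries:
            print(f"[{bucket}] {entry}")
```

Run as-is it prints one line per host with its bucket; to use it on a real estate, replace SAMPLE_INVENTORY with records exported from your CMDB or vCenter inventory, keeping the same three keys.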
Conclusion
The recently disclosed vulnerability in VMware Aria Operations is a serious threat that requires immediate attention. Organizations using VMware Aria Operations must prioritize patching it, ensuring that all affected systems are updated with the latest security patches to mitigate the risk of exploitation.
FAQs
- What is the CVSS rating for the vulnerability? The vulnerability is assigned a CVSS 7.7/10 rating.
- What is the impact of the vulnerability? The vulnerability allows a malicious user with non-administrative privileges to retrieve credentials for an outbound plugin if a valid service credential ID is known.
- What is the scope of the vulnerability? The vulnerability affects VMware Aria Operations for Logs version 8.x, VMware Aria Operations version 8.x, and VCF versions 5.x and 4.x.
- What is the recommended course of action? Users are advised to update to VMware Aria Operations v8.18.3 and VMware Aria Operations for Logs v8.18.3, and to follow KB92148 for fixing affected VCF environments.