CVE-2025-22218

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Jan 30, 2025

Summary

CVE-2025-22218 is an information disclosure vulnerability affecting VMware Aria Operations for Logs. Malicious actors with View Only Admin permissions can exploit this flaw to read the credentials of VMware products integrated with the platform. This vulnerability poses a significant risk, as unauthorized access to sensitive information can lead to serious data breaches and unauthorized system access. VMware has released a patch to address this issue, and it is recommended that all affected organizations apply the patch as soon as possible to mitigate the risk. Failure to do so could result in potential data breaches and unauthorized system access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database