CVE-2025-22220

Medium CVSS: 4.3

VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user.

Vendor

Vmware

Product

Aria Operations For Logs

CWE

CWE-269

Yayın Tarihi

2025-01-30 16:15:31

Güncelleme

2025-05-14 16:46:59

Source Identifier

security@vmware.com

KEV Date Added

Kategoriler

CWE-269 Aria Operations For Logs MEDIUM Vmware 2025

Referanslar

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329

Benzer Kayıtlar

High

CVE-2026-22729

A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass…

High

CVE-2026-22730

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metada…

Medium

CVE-2026-22721

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to ac…

High

CVE-2026-22720

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create…

High

CVE-2026-22719

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this is…

High

CVE-2025-41244

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with…