QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-22218

Back to search

CVE-2025-22218

Published: Jan 30, 2025

Modified: Mar 13, 2025

PUBLISHED

CVSS v3.1

8.5

HIGH

Description

VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs

VendorProductVersions

VMware

VMware Aria Operations for Logs

affected
8.x - < 8.18.3

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now