CyberSecurity updates
2025-02-21 23:17:42 Pacfic
2025-02-21 23:17:42 Pacfic
VMware Aria Flaws Expose Credentials and Data - 21d
Read more: support.broadcom.com
ImgSrc: www.csoonline.com
Multiple vulnerabilities have been discovered in VMware Aria Operations and Aria Operations for Logs. These include information disclosure flaws allowing credential exposure, stored cross-site scripting, and privilege escalation issues. An attacker could use these vulnerabilities to gain unauthorized access to sensitive data and escalate privileges, potentially compromising the entire system. Patches are available and should be applied immediately.
ImgSrc: www.csoonline.com
References:
- @screaminggoat - VMware security advisory 30 January 2024: CVE-2025-22218 (8.5 high) VMware Aria Operations for Logs information disclosure vulnerability CVE-2025-22219 (6.8 medium) VMware Aria Operations for Logs sto - 21d
- The Hacker News - Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft - 21d
- News | CSO Online - VMware offers fixes to severe vulnerabilities in VMware Aria - 21d
- support.broadcom.com - VMware Aria Operations and VMware Aria Operations for Logs components are affected by multiple vulnerabilities. - 21d
- @screaminggoat - Details about the security flaws impacting VMware Aria Operations and VMware Aria Operations for Logs. - 20d
Classification:
- HashTags: VMwareSecurity CloudSecurity Vulnerability
- Company: VMware
- Target: VMware Users
- Product: Aria Operations
- Feature: SQLi, XSS, privilege escalatio
- Type: Vulnerability
- Severity: Major