Critical VMware Aria Vulnerabilities Could Expose Admin Credentials to Attackers

Critical Security Updates Released for VMware Aria Operations

Broadcom has issued crucial security patches addressing five vulnerabilities in VMware Aria Operations and Aria Operations for Logs version 8.x. These security flaws could potentially enable attackers to escalate privileges and access sensitive information.

Key Vulnerabilities:

1. CVE-2025-22218 (CVSS 8.5) – Allows View Only Admin users to access integrated product credentials
2. CVE-2025-22219 (CVSS 6.8) – Enables non-admin users to execute malicious scripts through stored XSS attacks
3. CVE-2025-22220 (CVSS 4.3) – Permits unauthorized API operations with admin privileges
4. CVE-2025-22221 (CVSS 5.2) – Enables admin users to inject malicious scripts during Agent Configuration deletion
5. CVE-2025-22222 (CVSS 7.7) – Allows credential retrieval for outbound plugins by non-admin users

The vulnerabilities were discovered by security researchers from Michelin CERT and Abicom. Notably, this team previously identified two other vulnerabilities (CVE-2024-38832 and CVE-2024-38833) in November 2024.

All issues have been resolved in VMware Aria Operations and Aria Operations for Logs version 8.18.3. Currently, no active exploitations have been reported. This update follows Broadcom’s recent advisory regarding a high-severity vulnerability (CVE-2025-22217) in VMware Avi Load Balancer.
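Because the advisory names a single fixed release (8.18.3) for the 8.x line, the practical first step for defenders is an inventory sweep that flags every Aria Operations or Aria Operations for Logs instance still below that build. The script below is an added example written for this article, not Broadcom or VMware code; the hostnames and version strings in the sample inventory are constructed for illustration, and the "8.x only" scope is taken directly from the advisory text.

```python
"""Added example: flag VMware Aria Operations / Aria Operations for Logs
installs that are below the fixed release (8.18.3) named in the advisory.

The inventory records below are constructed sample data, not real hosts.
"""

from typing import List, Tuple

# Fixed release from the advisory: 8.18.3 resolves all five CVEs.
FIXED_VERSION = (8, 18, 3)

# Products the advisory covers (8.x line).
AFFECTED_PRODUCTS = {"Aria Operations", "Aria Operations for Logs"}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn a dotted version such as '8.18.2' into a comparable int tuple.

    A build suffix after a hyphen (e.g. '8.18.2-12345', a constructed
    format assumed here) is ignored; anything non-numeric raises.
    """
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {text!r}")
    # Pad to three components so '8.18' compares as 8.18.0.
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums)) if len(nums) < 3 else nums


def is_affected(product: str, version: str) -> bool:
    """True when the product is in scope and the build predates 8.18.3.

    Only the 8.x line is in the advisory's scope, so other major versions
    are reported as not affected by this particular advisory.
    """
    if product not in AFFECTED_PRODUCTS:
        return False
    v = parse_version(version)
    return v[0] == 8 and v < FIXED_VERSION


def triage(inventory: List[Tuple[str, str, str]]) -> List[str]:
    """Return hostnames that still need the 8.18.3 update, sorted.

    inventory entries are (hostname, product, version). Unparseable
    versions are included in the result so they get a manual look rather
    than silently passing as patched.
    """
    needs_patch = []
    for host, product, version in inventory:
        try:
            if is_affected(product, version):
                needs_patch.append(host)
        except ValueError:
            # Unknown version format: treat as unverified, not as patched.
            needs_patch.append(host)
    return sorted(needs_patch)


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = [
    ("aria-ops-01.example.test", "Aria Operations", "8.18.2"),
    ("aria-ops-02.example.test", "Aria Operations", "8.18.3"),
    ("aria-logs-01.example.test", "Aria Operations for Logs", "8.16"),
    ("aria-logs-02.example.test", "Aria Operations for Logs", "8.18.3-001"),
    ("aria-ops-03.example.test", "Aria Operations", "unknown"),
    ("avi-lb-01.example.test", "Avi Load Balancer", "8.1.0"),
]

if __name__ == "__main__":
    for host in triage(SAMPLE_INVENTORY):
        print(f"needs 8.18.3 update or manual review: {host}")
```

Feed `triage()` whatever your CMDB or vCenter export produces as (hostname, product, version) tuples. Unparseable versions are deliberately surfaced rather than dropped, and a product outside the two named in the advisory (the constructed Avi Load Balancer line here) is not flagged by this check, since CVE-2025-22217 is a separate advisory with its own fix version.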