CVE-2025-22218
published 2025-01-30CVE-2025-22218: VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the…
high7.7CVSS 3.1
AVNACLPRLUINSCCHINAN
VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | cbl2_libssh2_1.9.0-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| vmware | aria_operations_for_logs | >= 8.0 < 8.18.3 | 8.18.3 |
| vmware | cloud_foundation | 4.0 – 5.2 | — |
| vmware | vmware_aria_operations_for_logs | >= 8.x < 8.18.3 | 8.18.3 |