VMSA-2025-0003 VMware Aria Operations for Logs and VMware Aria Operations vulnerability PATCH NOW! - Cybersecurity Forum https://www.virtualizationhowto.com/community/cybersecurity-forum/vmsa-2025-0003-vmware-aria-operations-for-logs-and-vmware-aria-operations-vulnerability-patch-now/ Virtualization Howto Discussion Board en-US Tue, 12 May 2026 15:35:51 +0000 wpForo 60 VMSA-2025-0003 VMware Aria Operations for Logs and VMware Aria Operations vulnerability PATCH NOW! https://www.virtualizationhowto.com/community/cybersecurity-forum/vmsa-2025-0003-vmware-aria-operations-for-logs-and-vmware-aria-operations-vulnerability-patch-now/#post-1154 Thu, 30 Jan 2025 16:32:53 +0000 It seems like these vulnerabilities will never end, but here is another one that VIAdmins need to give attention to. This new high severity vulnerability affects two of the Aria products across the Aria solution line, including: VMware Aria Operations for Logs and VMware Aria Operations and since these are included in VCF, it also affects VCF.

500

What can the vulnerabilities lead to? Note the following that are listed in the official VMSA thred 

  • information disclosure, privilege escalation, and cross-site scripting (XSS) attacks
Note the following affected vulnerabilities:

🔴 Affected Vulnerabilities

CVE ID Impact CVSS Score Description
CVE-2025-22218 Information Disclosure 8.5 (High) Attackers with View Only Admin permissions can read stored credentials.
CVE-2025-22219 Stored Cross-Site Scripting (XSS) 6.8 (Moderate) Non-admin users can inject scripts, leading to arbitrary operations as an admin.
CVE-2025-22220 Broken Access Control 4.3 (Moderate) Non-admin users can execute privileged API operations as an admin.
CVE-2025-22221 Stored Cross-Site Scripting (XSS) 5.2 (Moderate) Admins can inject scripts that execute when performing delete actions.
CVE-2025-22222 Information Disclosure 7.7 (High) Attackers can retrieve credentials for outbound plugins if they know a valid service credential ID.

🛠️ Resolution: Apply Security Patches ASAP

As a note, there are no workarounds. Here are the patched versions:

  • VMware Aria Operations for Logs: 8.18.3
  • VMware Aria Operations: 8.18.3
  • VMware Cloud Foundation: KB92148

🔗 Patch Links & Documentation:

For the deets on the info, you can see the official advisory here:

 

]]> Cybersecurity Forum Brandon Lee https://www.virtualizationhowto.com/community/cybersecurity-forum/vmsa-2025-0003-vmware-aria-operations-for-logs-and-vmware-aria-operations-vulnerability-patch-now/#post-1154