VMSA-2025-0002 | VMware Avi Load Balancer

By Lerpong Intaraworrapath | March 18th, 2025

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346

Advisory ID: VMSA-2025-0002
Severity: Important
CVSSv3 Range: 8.6
Synopsis: VMware Avi Load Balancer addresses an unauthenticated blind SQL Injection vulnerability (CVE-2025-22217)
Issue date: 2025-01-28
Updated on: 2025-01-28 (Initial Advisory)
CVE(s): CVE-2025-22217

Impacted Products:

  • VMware Avi Load Balancer

Introduction:

Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. 

Description:

VMware Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Important severity range with a maximum CVSSv3 base score of 8.6.

Known Attack Vectors:

A malicious user with network access may be able to use specially crafted SQL queries to gain database access.

Resolution:

To remediate CVE-2025-22217 apply the patches to the Avi Controller listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.

Response Matrix:

Product                  | Version | Running On | CVE            | CVSSv3 | Severity  | Fixed Version | Workarounds | Additional Documents
VMware Avi Load Balancer | 30.1.1  | Any        | CVE-2025-22217 | 8.6    | Important | 30.1.2-2p2    | None        | None
VMware Avi Load Balancer | 30.1.2  | Any        | CVE-2025-22217 | 8.6    | Important | 30.1.2-2p2    | None        | None
VMware Avi Load Balancer | 30.2.1  | Any        | CVE-2025-22217 | 8.6    | Important | 30.2.1-2p5    | None        | None
VMware Avi Load Balancer | 30.2.2  | Any        | CVE-2025-22217 | 8.6    | Important | 30.2.2-2p2    | None        | None

References:

Fixed Version(s) and Release Notes:

30.1.1/30.1.2
https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-1/vmware-avi-load-balancer-release-notes/release-notes-30-1-2.html

30.2.1
https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-1.html

30.2.2
https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer/30-2/vmware-avi-load-balancer-release-notes/release-notes-for-avi-load-balancer-version-30-2-2.html

Additional Documentation:

  • Version 22.x and 21.x are not vulnerable.
  • Version 30.1.1 must be upgraded to 30.1.2 or later before the patch can be applied.

Mitre CVE Dictionary Links:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22217

FIRST CVSSv3 Calculator:

https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Noted:

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346



VMSA-2025-0001 | VMware Aria Automation

By Lerpong Intaraworrapath | March 11th, 2025

VMware Aria Automation update addresses a server side request forgery vulnerability (CVE-2025-22215)

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25312

Advisory ID: VMSA-2025-0001
Advisory Severity: Moderate
CVSSv3 Range: 4.3
Synopsis: VMware Aria Automation update addresses a server side request forgery vulnerability (CVE-2025-22215)
Issue date: 2025-01-07
Updated on: 2025-01-07
CVE(s): CVE-2025-22215

Impacted Products:

  • VMware Aria Automation
  • VMware Cloud Foundation

Introduction:

A server-side request forgery (SSRF) vulnerability in VMware Aria Automation was responsibly reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.

Description:

VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3.

Known Attack Vectors:

A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability to enumerate internal services running on the host/network.

Resolution:

To remediate CVE-2025-22215 apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.

Response Matrix:

Product                 | Version  | Running On | CVE            | CVSSv3 | Severity | Fixed Versions | Workarounds | Additional Documentations
VMware Aria Automation  | 8.x      | Any        | CVE-2025-22215 | 4.3    | Moderate | 8.18.1 patch 1 | None        | None
VMware Cloud Foundation | 5.x, 4.x | Any        | CVE-2025-22215 | 4.3    | Moderate | KB 385294      | None        | None

References:

Mitre CVE Dictionary Links:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22215

FIRST CVSSv3 Calculator:

https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Noted:

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25312