By Lerpong Intaraworrapath | March 11th, 2025

VMware Aria Automation update addresses a server side request forgery vulnerability (CVE-2025-22215)
| Field | Value |
|---|---|
| Advisory ID | VMSA-2025-0001 |
| Advisory Severity | Moderate |
| CVSSv3 Range | 4.3 |
| Synopsis | VMware Aria Automation update addresses a server side request forgery vulnerability (CVE-2025-22215) |
| Issue date | 2025-01-07 |
| Updated on | 2025-01-07 |
| CVE(s) | CVE-2025-22215 |
Impacted Products:
- VMware Aria Automation
- VMware Cloud Foundation
Introduction:
A server-side request forgery (SSRF) vulnerability in VMware Aria Automation was responsibly reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.
Descriptions:
VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3.
Known Attack Vectors:
A malicious actor with “Organization Member” access to Aria Automation may exploit this vulnerability to enumerate internal services running on the host/network.
Resolution:
To remediate CVE-2025-22215 apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Response Matrix:
| Product | Version | Running On | CVE | CVSSv3 | Severity | Fixed Versions | Workarounds | Additional Documentation |
|---|---|---|---|---|---|---|---|---|
| VMware Aria Automation | 8.x | Any | CVE-2025-22215 | 4.3 | Moderate | 8.18.1 patch 1 | None | None |
| VMware Cloud Foundation | 5.x, 4.x | Any | CVE-2025-22215 | 4.3 | Moderate | KB 385294 | None | None |
References:
- https://support.broadcom.com/web/ecx/solutiondetails?patchId=5747
- https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-automation/8-18/vmware-aria-automation-release-notes.html
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22215
FIRST CVSSv3 Calculator:
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N