Cyber Posture

CVE-2025-22219

Medium

Published: 30 January 2025

Modified: 14 May 2025
KEV Added:
Patch:
CVSS Score: 6.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0021 (43.4th percentile)
Risk Priority: 14 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Description

VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious actor with non-administrative privileges may be able to inject a malicious script that performs stored cross-site scripting, which may lead to arbitrary operations being carried out as the admin user.

Security Summary

CVE-2025-22219 is a stored cross-site scripting (XSS) vulnerability, classified under CWE-79, in VMware Aria Operations for Logs. Published on 2025-01-30, it carries a CVSS v3.1 base score of 6.8 (AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H). The flaw allows a malicious actor with non-administrative privileges to inject a malicious script that enables stored XSS attacks.

An attacker requires non-administrative privileges on the affected system to exploit this vulnerability over the network with low complexity. Exploitation depends on user interaction, typically an administrative user viewing or interacting with the injected content, after which the malicious script executes in the admin's context. Successful exploitation can lead to arbitrary operations as the admin user, resulting in high confidentiality, integrity, and availability impacts.

The Broadcom security advisory at https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329 provides further details on the vulnerability, including recommended mitigations and patches.

Details

CWE(s): CWE-79

Affected Products

VMware Aria Operations for Logs: versions 8.0 through 8.18.3
VMware Cloud Foundation: versions 4.0 through 5.2

References