Broadcom has published security bulletins for CVE-2025-22218, CVE-2025-22219, CVE-2025-22220, CVE-2025-22221, and CVE-2025-22222:
- CVE-2025-22218: An information disclosure vulnerability through which a malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs.
- CVE-2025-22219: A stored cross-site scripting vulnerability in VMware Aria Operations for Logs through which a malicious actor with non-administrative privileges may be able to inject a malicious script that may lead to arbitrary operations as an admin user.
- CVE-2025-22220: A privilege escalation vulnerability in VMware Aria Operations for Logs would allow a malicious actor with non-administrative privileges and network access to the Aria Operations for Logs API to perform certain operations in the context of an admin user.
- CVE-2025-22221: A stored cross-site scripting vulnerability in VMware Aria Operations for Logs through which a malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim's browser when performing a delete action in the Agent Configuration.
- CVE-2025-22222: An information disclosure vulnerability in VMware Aria Operations would allow a malicious user with non-administrative privileges to retrieve credentials for an outbound plugin if a valid service credential ID is known.
We recommend that you review the Broadcom Security Bulletin to determine whether your devices are vulnerable and follow the recommendations.