Vulnerability Details CVE-2025-22220
VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.2%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2025-22220
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.0
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.10
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.10.2
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.12
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.14
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.14.1
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.16
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.16.1
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.18
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.18.1
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.6
-
cpe:2.3:a:vmware:aria_operations_for_logs:8.8
-
cpe:2.3:a:vmware:cloud_foundation:4.0
-
cpe:2.3:a:vmware:cloud_foundation:4.0.1
-
cpe:2.3:a:vmware:cloud_foundation:4.1
-
cpe:2.3:a:vmware:cloud_foundation:4.1.0.1
-
cpe:2.3:a:vmware:cloud_foundation:4.2
-
cpe:2.3:a:vmware:cloud_foundation:4.2.1
-
cpe:2.3:a:vmware:cloud_foundation:4.3
-
cpe:2.3:a:vmware:cloud_foundation:4.3.1
-
cpe:2.3:a:vmware:cloud_foundation:4.3.11
-
cpe:2.3:a:vmware:cloud_foundation:4.4
-
cpe:2.3:a:vmware:cloud_foundation:4.4.1
-
cpe:2.3:a:vmware:cloud_foundation:4.4.1.1
-
cpe:2.3:a:vmware:cloud_foundation:4.5
-
cpe:2.3:a:vmware:cloud_foundation:4.5.1
-
cpe:2.3:a:vmware:cloud_foundation:4.5.2
-
cpe:2.3:a:vmware:cloud_foundation:5.0
-
cpe:2.3:a:vmware:cloud_foundation:5.1
-
cpe:2.3:a:vmware:cloud_foundation:5.1.1
-
cpe:2.3:a:vmware:cloud_foundation:5.2