Vmware Vmware Aria Automation
3 CVEs affecting Vmware Vmware Aria Automation. Latest disclosed: 2025-05-13. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-22280 | High | 8.5 | 2024-07-11 | VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product. An authenticated malicious user could enter speci… |
CVE-2025-22249 | High | 8.2 | 2025-05-13 | VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a l… |
CVE-2025-22215 | Medium | 4.3 | 2025-01-08 | VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious actor with "Organization Member" access to Aria Automation may… |