CVE-2025-22215 | VMware Aria Automation up to 8.18.1 Organization Member server-side request forgery

Inserito da Angelo Barbosa | Gen 8, 2025 | CVE

A vulnerability was found in VMware Aria Automation up to 8.18.1. It has been classified as critical. This affects an unknown part of the component Organization Member Handler. The manipulation leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2025-22215. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-22215 | VMware Aria Automation up to 8.18.1 Organization Member server-side request forgery

Post correlati

CVE-2023-49956 | Dalmann OCPP.Core up to 1.2.x StopTransaction Message random values

CVE-2024-5165 | Eclipse Ditto up to 3.5.5 Explorer User Interface cross site scripting (Issue 23)

CVE-2024-47801 | Sharp/Toshiba Tec MFP URL cross site scripting

CVE-2024-8134 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/hd_config.cgi cgi_FMT_Std2R5_1st_DiskMGR f_source_dev command injection (SAP10383)