Analysis Summary

CVE-2025-22215

VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network.

Impact

• Gain Access

Indicators of Compromise

CVE

• CVE-2025-22215

Affected Vendors

Affected Products

Remediation

Refer to VMware Website for patch, upgrade, or suggested workaround information.

VMware Website