Severity
High
Analysis Summary
CVE-2025-22217
Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. A malicious user with network access may be able to use specially crafted SQL queries to gain database access.
Impact
- Gain Access
- Data Manipulation
Indicators of Compromise
CVE
CVE-2025-22217
Affected Vendors
VMware
Affected Products
- VMware Avi Load Balancer
Remediation
Refer to VMware Security Advisory for patch, upgrade, or suggested workaround information.