CVE-2025-41245 | THREATINT

Description

VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations.

PUBLISHED Reserved 2025-04-16 | Published 2025-09-29 | Updated 2025-09-30 | Assigner vmware

MEDIUM: 4.9CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Problem types

Product status

Default status

unaffected

8.18.x (commercial) before 8.18.5

affected

Default status

unaffected

5.x (commercial) before 8.18.5

affected

4.x (commercial) before 8.18.5

affected

Default status

unaffected

5.x (commercial) before 8.18.5

affected

4.x (commercial) before 8.18.5

affected

Default status

unaffected

3.x (commercial) before 8.18.5

affected

2.x (commercial) before 8.18.5

affected

References

support.broadcom.com/...VE-2025-41245--CVE-2025-41246-/36149

cve.org (CVE-2025-41245)

nvd.nist.gov (CVE-2025-41245)

Download JSON

help @ threatint.eu