Summary: Broadcom has issued a warning about a critical security flaw in VMware Avi Load Balancer that could be exploited by attackers to gain unauthorized access to databases. This vulnerability, identified as CVE-2025-22217 with a CVSS score of 8.6, is categorized as an unauthenticated blind SQL injection. Users are advised to upgrade to the latest software version, as there are no workarounds available.
Affected: VMware Avi Load Balancer
Keypoints:
- Vulnerability allows malicious users with network access to execute specially crafted SQL queries.
- Affects specific versions: 30.1.1, 30.1.2, 30.2.1, and 30.2.2; fixed in newer versions.
- Versions 22.x and 21.x are not affected by CVE-2025-22217.
- No workarounds are available; customers must update to the latest version.
Source: https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html