Vmware Aria Automation — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Aria Automation, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-34063 — CVSS 9.9 (critical): Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to…
CVE-2024-22280 — CVSS 8.5 (high): VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product. An authenticated malicious…
CVE-2025-22249 — CVSS 8.2 (high): VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the…