VMware Aria Automation
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in VMware Aria Automation.
By the Year
In 2026 there have been 0 vulnerabilities in VMware Aria Automation. Last year, in 2025 Aria Automation had 2 security vulnerabilities published. Right now, Aria Automation is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 0.00 |
| 2024 | 2 | 8.20 |
It may take a day or so for new Aria Automation vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent VMware Aria Automation Security Vulnerabilities
VMware Aria Automation DOM XSS for Access Token Theft
CVE-2025-22249
- May 13, 2025
VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL.
VMware Aria Automation SSRF Exposes Internal Network
CVE-2025-22215
- January 08, 2025
VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network.
Aria Automation SQLi via Improper Input Validation (Authenticated)
CVE-2024-22280
8.1 - High
- July 11, 2024
VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product. An authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database.
SQL Injection
Aria Automation Missing Access Control Exploit Enables Unauthorized Access
CVE-2023-34063
8.3 - High
- January 16, 2024
Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for VMware Aria Automation or by VMware? Click the Watch button to subscribe.
