High severity8.6NVD Advisory· Published Jan 28, 2025· Updated Apr 15, 2026

CVE-2025-22217

Description

Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.

A malicious user with network access may be able to use specially crafted SQL queries to gain database access.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346nvd

News mentions

No linked articles in our index yet.

cvss	0.559
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000