CVE-2025-22217 Information

Description

Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. 

A malicious user with network access may be able to use specially crafted SQL queries to gain database access.

Reference

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25346