VMware Patches Critical SQL-Injection Flaw in Aria Automation
July 10, 2024 at 12:54PM VMWare, owned by Broadcom, issued patches for a high-risk SQL-injection vulnerability in Aria Automation, allowing an authenticated malicious user to manipulate databases. Tracked as CVE-2024-22280, the flaw permits unauthorized read and write operations in the database through specially crafted SQL queries. The bug carries a CVSS severity score of 8.5/10 … Read more