Broadcom has disclosed a high-severity vulnerability in its VMware Avi Load Balancer product. The flaw, tracked as CVE-2025-22217, is an unauthenticated blind SQL injection: an attacker with network access to the Avi Load Balancer can send specially crafted SQL queries and gain access to the underlying database without first logging in.
The issue was privately reported to VMware and has been classified with a CVSSv3 base score of 8.6, placing it in the “Important” severity range.
The vulnerability arises from improper input sanitization in the Avi Load Balancer, so no credentials are needed to reach the injection point. "Blind" means the attacker does not see query results directly; instead the database's contents are inferred from differences in the application's responses or timing, which makes exploitation slower but no less complete.
Exploiting this flaw could lead to significant security breaches, including unauthorized database access and potential data compromise.
Affected & Fixed Versions
Broadcom has released patches for all affected versions to address this vulnerability. Users are strongly advised to apply the updates listed in the Response Matrix below:
Product | Affected Version | Fixed Version |
---|---|---|
VMware Avi Load Balancer | 30.1.1 | 30.1.2-2p2 |
VMware Avi Load Balancer | 30.1.2 | 30.1.2-2p2 |
VMware Avi Load Balancer | 30.2.1 | 30.2.1-2p5 |
VMware Avi Load Balancer | 30.2.2 | 30.2.2-2p2 |
No workarounds are available for this issue, so administrators should deploy the fixed build for their release line as soon as possible. VMware has credited security researchers Daniel Kukuczka and Mateusz Darda for identifying and reporting this vulnerability.
Organizations using VMware Avi Load Balancer should take the following steps:
- Identify affected systems running vulnerable versions of the software.
- Apply the recommended patches as soon as possible.
- Monitor network activity for any suspicious behavior that could indicate exploitation attempts.
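The first step, finding Controllers that are still on an affected build, is mostly a matter of comparing version strings against the response matrix correctly, including the "-NpM" patch suffix (a plain 30.1.2 or 30.1.2-2p1 is still vulnerable; 30.1.2-2p2 is not). The following Python script is an added example written for this article, not tooling from Broadcom or VMware. It encodes the matrix above, parses version strings, and classifies each host. The sample inventory is constructed; the assumption that the version string comes from the Controller's `show version` output or its `/api/cluster/version` endpoint is the author's, not the advisory's, as is the assumption that later patch builds on the same base carry the fix forward.

```python
"""
Triage helper for CVE-2025-22217 (VMware Avi Load Balancer, blind SQLi).

Classifies Avi Controller version strings against the fixed builds listed
in Broadcom's response matrix. Added example, not Broadcom/VMware tooling.
"""
import re
from dataclasses import dataclass
from typing import Optional

# Response matrix from the advisory: affected release -> first fixed build.
FIXED_BUILD = {
    "30.1.1": "30.1.2-2p2",
    "30.1.2": "30.1.2-2p2",
    "30.2.1": "30.2.1-2p5",
    "30.2.2": "30.2.2-2p2",
}

# "30.2.1-2p5" -> base 30.2.1, patch level (2, 5). The "-NpM" suffix is
# optional; a bare "30.2.1" has no patch applied. Trailing text after the
# version (if a tool appends any) is ignored by using match(), not fullmatch().
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(\d+)p(\d+))?")


@dataclass(frozen=True)
class AviVersion:
    base: tuple   # (major, minor, patch)
    level: tuple  # (N, M) from "-NpM", or (0, 0) when there is no suffix

    @property
    def base_str(self) -> str:
        return ".".join(str(n) for n in self.base)

    @classmethod
    def parse(cls, text: str) -> Optional["AviVersion"]:
        m = _VERSION_RE.match(text.strip())
        if not m:
            return None
        major, minor, patch, n, p = m.groups()
        level = (int(n), int(p)) if n is not None else (0, 0)
        return cls((int(major), int(minor), int(patch)), level)


def classify(version_text: str) -> str:
    """Return 'fixed', 'vulnerable', 'unlisted' or 'unparseable'."""
    v = AviVersion.parse(version_text)
    if v is None:
        return "unparseable"
    fixed_text = FIXED_BUILD.get(v.base_str)
    if fixed_text is None:
        # Release line not in the matrix; the advisory, not this script,
        # is the authority for those builds.
        return "unlisted"
    fixed = AviVersion.parse(fixed_text)
    # Fixed only if on the same base as the fix and at or above its patch
    # level (assumes later patch builds keep the fix). Any 30.1.1 build
    # must move to 30.1.2-2p2, so a base mismatch is always vulnerable.
    if v.base == fixed.base and v.level >= fixed.level:
        return "fixed"
    return "vulnerable"


def triage(inventory: dict) -> dict:
    """Map host -> (status, required build) for a {host: version} dict."""
    result = {}
    for host, version_text in inventory.items():
        status = classify(version_text)
        v = AviVersion.parse(version_text)
        required = FIXED_BUILD.get(v.base_str) if v else None
        result[host] = (status, required)
    return result


# Constructed sample inventory (hostnames and versions are made up). The
# version strings are assumed to come from "show version" on the Controller
# or from GET /api/cluster/version; neither source is named in the advisory.
SAMPLE_INVENTORY = {
    "avi-ctl-01": "30.1.1",
    "avi-ctl-02": "30.1.2-2p1",
    "avi-ctl-03": "30.1.2-2p2",
    "avi-ctl-04": "30.2.1-2p5",
    "avi-ctl-05": "30.2.2",
    "avi-ctl-06": "22.1.6",
    "avi-ctl-07": "n/a",
}

if __name__ == "__main__":
    for host, (status, required) in sorted(triage(SAMPLE_INVENTORY).items()):
        note = f" -> upgrade to {required}" if status == "vulnerable" else ""
        print(f"{host:<12} {SAMPLE_INVENTORY[host]:<12} {status}{note}")
```

Hosts reported as `unlisted` are on release lines the matrix does not cover; check them against the advisory directly rather than treating them as safe. Hosts that come back `vulnerable` have no workaround, so the required build in the second column is the only remediation.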
Failure to address this vulnerability promptly could expose critical databases to malicious actors, leading to data breaches and other security incidents.