Virtualization technology giant VMware recently issued a warning about a blind SQL injection flaw in its Avi Load Balancer that could allow attackers to gain broader access to databases. The vulnerability, identified as CVE-2025-22217, has been rated with a CVSS severity score of 8.6/10, indicating a significant risk level.
Described as an unauthenticated blind SQL Injection vulnerability, VMware emphasized the urgency for enterprise administrators to apply the available patches promptly, as there are no pre-patch workarounds to mitigate the issue. A high-risk bulletin from VMware specifically highlighted that a malicious user with network access could exploit specially crafted SQL queries to gain unauthorized database access.
The Avi Load Balancer, a widely used technology for distributing incoming traffic across servers, plays a crucial role in ensuring the performance and security of cloud and on-premises applications. In addition to load balancing, the product offers web application security and container ingress for cloud and datacenter applications, catering to a variety of organizational needs.
Designed to function seamlessly with both traditional virtual machine-based applications and containerized microservices, the Avi Load Balancer has become an integral component of many IT infrastructures. VMware has advised customers using versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2 of the Avi Load Balancer to expedite the deployment of available patches. For those operating on older releases, upgrading to at least version 30.1.2 before applying the patch is recommended.
Given the absence of known workarounds at present, patching remains the most effective solution to address the identified vulnerability. The issue was brought to VMware’s attention through a private report, with credit given to researchers Daniel Kukuczka and Mateusz Darda for their discovery.
This recent alert adds to a series of security concerns faced by VMware, with previous disclosures addressing issues such as exploitation of vCenter Server flaws and high-severity SQL injection flaws in other platforms. The company’s ongoing efforts to address these vulnerabilities underscore the importance of robust cybersecurity measures and prompt patch management in today’s digital landscape.