{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-14T08:30:22.256","vulnerabilities":[{"cve":{"id":"CVE-2026-22721","sourceIdentifier":"security@vmware.com","published":"2026-02-25T21:16:40.277","lastModified":"2026-03-04T15:54:26.430","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found in  VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ."},{"lang":"es","value":"VMware Aria Operations contiene una vulnerabilidad de escalada de privilegios. Un actor malicioso con privilegios en vCenter para acceder a Aria Operations podría aprovechar esta vulnerabilidad para obtener acceso administrativo en VMware Aria Operations. Para remediar CVE-2026-22721, aplique los parches enumerados en la columna 'Fixed Version' de la 'Response Matrix' que se encuentra en VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947."}],"metrics":{"cvssMetricV31":[{"source":"security@vmware.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L","baseScore":6.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.7,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security@vmware.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0","versionEndExcluding":"8.18.6","matchCriteriaId":"6748CC5F-63A6-459A-A0B4-D12A149AD2DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndExcluding":"5.2.3","matchCriteriaId":"16C87F30-12CA-43F5-9057-BBE32666A515"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0","versionEndExcluding":"9.0.2.0","matchCriteriaId":"11F5C577-620E-4BD7-9429-E2FDC70D6667"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:telco_cloud_infrastructure:*:*:*:*:*:*:*:*","versionStartIncluding":"2.2","versionEndIncluding":"3.0","matchCriteriaId":"904AA81A-D1C3-4DAF-BB2C-C51FEDF5B3F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:telco_cloud_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndIncluding":"5.1","matchCriteriaId":"9A8AE269-DD3E-4A60-91C1-D5C1FEAF0CF4"}]}]}],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947","source":"security@vmware.com","tags":["Patch","Vendor Advisory"]},{"url":"https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-operations/8-18/vmware-aria-operations-8186-release-notes.html","source":"security@vmware.com","tags":["Release Notes"]}]}}]}