OpenSSL vulnerability reported in Aria operations 8.18.5 under CVE-2025-9230
search cancel

OpenSSL vulnerability reported in Aria operations 8.18.5 under CVE-2025-9230

book

Article ID: 427760

calendar_today

Updated On:

Products

VCF Operations VMware Aria Operations (formerly vRealize Operations) 8.x

Issue/Introduction

Following plugins are reported to be exposed to OpenSSL vulnerabilities reported in CVE-2025-9230 with CVSS base score 7.1 :

Path             : /opt/vmware/ucp/salt-minion/lib/libcrypto.so
Reported version : 1.0.2zk 
Fixed version    : 1.0.2zm 

Path             : /opt/vmware/ucp/salt-minion/lib/libcrypto.so.1.0.2 
Reported version : 1.0.2zk 
Fixed version    : 1.0.2zm 

Path             : /opt/vmware/ucp/salt-minion/lib/libssl.so 
Reported version : 1.0.2zk 
Fixed version    : 1.0.2zm 

Path             : /opt/vmware/ucp/salt-minion/lib/libssl.so.1.0.2 
Reported version : 1.0.2zk 
Fixed version    : 1.0.2zm

Environment

VCF Operations 
Aria Operations 8.18.5

Resolution

VMware By Broadcom is aware of CVE-2025-9230.
Please refer to the release notes for existing and forthcoming product releases for any updates in relation to this CVE.

Should you require further information please contact Broadcom Support

Additional Information

For latest Build numbers and versions of VMware Aria Operations, refer article -
https://knowledge.broadcom.com/external/article/324371/build-numbers-and-versions-of-vmware-ari.html

Powered by Wolken Software