Avi · Avi Load Balancer · CVE-2025-22217
**Name of the Vulnerable Software and Affected Versions**
Avi Load Balancer versions 30.1.1 through 30.2.2
**Description**
The Avi Load Balancer contains an unauthenticated blind SQL Injection vulnerability. A malicious user with network access may be able to use specially crafted SQL queries to gain database access. This issue can lead to unauthorized access to databases, potentially resulting in data breaches.
**Recommendations**
For Avi Load Balancer versions 30.1.1 through 30.2.2, update to a patched version to prevent database compromise. As a temporary workaround, consider restricting access to the database until a patch is available.