Affected Products- Aria Operations for Networks
- Overview
- VMware has received responsible reports of multiple vulnerabilities in Aria Operations for Networks. Updates have been made available to address these vulnerabilities in VMware products that are affected.
3a. Vulnerability: Aria Operations for Networks Authentication Bypass (CVE-2023-34039)
- Description: Aria Operations for Networks is susceptible to an Authentication Bypass vulnerability stemming from the absence of unique cryptographic key generation. VMware rates the severity of this issue as critical, with a maximum CVSSv3 base score of 9.8.
- Attack Vectors: A malicious actor with network access to Aria Operations for Networks can exploit this vulnerability to bypass SSH authentication and gain unauthorized access to the Aria Operations for Networks CLI.
- Resolution: To mitigate CVE-2023-34039, please apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ provided below.
- Workarounds: No workarounds available.
- Additional Documentation: None.
- Notes: CVE-2023-34039 impacts Aria Operations for Networks collectors, but upgrading the platform appliance resolves this issue. It’s worth noting that exploit code for CVE-2023-34039 has been publicly disclosed.
- Acknowledgements: VMware expresses gratitude to Harsh Jaiswal and Rahul Maini from ProjectDiscovery Research for responsibly reporting this issue.
3b. Vulnerability: Aria Operations for Networks Arbitrary File Write (CVE-2023-20890)
- Description: Aria Operations for Networks is susceptible to an arbitrary file write vulnerability. VMware has assessed the severity of this issue as significant, with a maximum CVSSv3 base score of 7.2.
- Attack Vectors: An authenticated malicious actor with administrative privileges in VMware Aria Operations for Networks can exploit this vulnerability to write files to unauthorized locations, potentially leading to remote code execution.
- Resolution: To address CVE-2023-20890, please apply the updates specified in the ‘Fixed Version’ column of the ‘Response Matrix’ provided below.
- Workarounds: No viable workarounds exist.
- Additional Documentation: None.
- Notes: None.
- Acknowledgements: [No acknowledgments provided.]
- 4. References
- Fixed Version(s) and Release Notes:
- VMware Aria Operations for Networks 6.11 Release Notes
- Downloads and Documentation
- https://customerconnect.vmware.com/en/downloads/info/slug/infrastructure_operations_management/vmware_aria_operations_for_networks/6_x
- https://docs.vmware.com/en/VMware-Aria-Operations-for-Networks/services/rn/vmware-aria-operations-for-networks-release-notes/index.html
- VMware Aria Operations for Networks 6.x HF: KB94152
- Mitre CVE Dictionary Links:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34039
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20890
- FIRST CVSSv3 Calculator:
- CVE-2023-34039: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CVE-2023-20890: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- 5. Change Log
- 2023-08-29 VMSA-2023-0018
- Initial security advisory.
- 2023-08-31 VMSA-2023-0018.1
- Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34039 has been published.
Source:
https://www.vmware.com/security/advisories/VMSA-2023-0018.html
Related posts
Hot Topics
Categories
Critical vulnerabiliities (84)
cyber crime (1)
Cyber Security (66)
Data breach (2)
DER (11)
Exploit (30)
Hacks (79)
ICS (509)
Industrial IoT (IIoT) (29)
IoT Security (77)
Market (49)
News (1213)
Recommendations (59)
Remediation (7)
Reports (12)
Security Patches (12)
Standards (3)
Tools (6)
Uncategorized (30)
Vulnerabilities (1084)
White Papers (33)
Stay connected