Affected Products
- Aria Operations for Networks
Overview
- Multiple vulnerabilities in Aria Operations for Networks were responsibly reported to VMware. Updates are available to address these vulnerabilities in the affected VMware products.
3a. Vulnerability: Aria Operations for Networks Authentication Bypass (CVE-2023-34039)
- Description: Aria Operations for Networks is susceptible to an Authentication Bypass vulnerability stemming from the absence of unique cryptographic key generation. VMware rates the severity of this issue as critical, with a maximum CVSSv3 base score of 9.8.
- Attack Vectors: A malicious actor with network access to Aria Operations for Networks can exploit this vulnerability to bypass SSH authentication and gain unauthorized access to the Aria Operations for Networks CLI.
- Resolution: To mitigate CVE-2023-34039, please apply the updates listed in the ‘Fixed Version’ column of the ‘Response Matrix’ provided below.
- Workarounds: No workarounds available.
- Additional Documentation: None.
- Notes: CVE-2023-34039 impacts Aria Operations for Networks collectors, but upgrading the platform appliance resolves this issue. Exploit code for CVE-2023-34039 has been publicly disclosed.
- Acknowledgements: VMware expresses gratitude to Harsh Jaiswal and Rahul Maini from ProjectDiscovery Research for responsibly reporting this issue.
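Because the root cause of CVE-2023-34039 is key material that is not unique per deployment, a fleet-side check is to compare SSH public-key fingerprints across appliances and flag any key that appears on more than one. The following is an added example, not code from VMware or the advisory; the host names, the constructed sample keys and the assumption that each appliance's public-key lines have already been collected into an inventory are all hypothetical, and the advisory itself prescribes only the update.

```python
import base64
import hashlib
import struct
from collections import defaultdict

def parse_pubkey(line):
    """Return (key_type, blob) for one OpenSSH public-key line, else None."""
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if not field.startswith(("ssh-", "ecdsa-", "sk-")):
            continue  # authorized_keys options may precede the key type
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except ValueError:
            continue
        # A genuine blob begins with a length-prefixed copy of the key type.
        if len(blob) >= 4:
            (n,) = struct.unpack(">I", blob[:4])
            if blob[4:4 + n] == field.encode():
                return field, blob
    return None

def fingerprint(blob):
    """SHA256 fingerprint in the form printed by `ssh-keygen -lf`."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def shared_keys(inventory):
    """Map fingerprint -> sorted hosts, for keys present on two or more hosts."""
    seen = defaultdict(set)
    for host, lines in inventory.items():
        for line in lines:
            parsed = parse_pubkey(line.strip())
            if parsed:
                seen[fingerprint(parsed[1])].add(host)
    return {fp: sorted(hosts) for fp, hosts in seen.items() if len(hosts) > 1}

def sample_line(seed, comment):
    # Constructed ssh-ed25519 blob: string(type) + string(32 bytes); not a real key.
    kt, raw = b"ssh-ed25519", hashlib.sha256(seed).digest()
    blob = struct.pack(">I", len(kt)) + kt + struct.pack(">I", len(raw)) + raw
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)

# Constructed inventory (hypothetical hosts): host -> collected public-key lines.
SAMPLE = {
    "collector-a": [sample_line(b"image-default", "support@image")],
    "collector-b": [sample_line(b"image-default", "support@image"), sample_line(b"b", "admin@b")],
    "collector-c": ["no-pty " + sample_line(b"c", "admin@c"), "# not a key line"],
}
```

Any fingerprint returned by `shared_keys` identifies key material present on more than one host, which is the condition to investigate and rotate after applying the fixed version.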
3b. Vulnerability: Aria Operations for Networks Arbitrary File Write (CVE-2023-20890)
- Description: Aria Operations for Networks is susceptible to an arbitrary file write vulnerability. VMware has assessed the severity of this issue as significant, with a maximum CVSSv3 base score of 7.2.
- Attack Vectors: An authenticated malicious actor with administrative privileges in VMware Aria Operations for Networks can exploit this vulnerability to write files to unauthorized locations, potentially leading to remote code execution.
- Resolution: To address CVE-2023-20890, please apply the updates specified in the ‘Fixed Version’ column of the ‘Response Matrix’ provided below.
- Workarounds: No viable workarounds exist.
- Additional Documentation: None.
- Notes: None.
- Acknowledgements: None.
4. References
- Fixed Version(s) and Release Notes:
- VMware Aria Operations for Networks 6.11 Release Notes
- Downloads and Documentation
- https://customerconnect.vmware.com/en/downloads/info/slug/infrastructure_operations_management/vmware_aria_operations_for_networks/6_x
- https://docs.vmware.com/en/VMware-Aria-Operations-for-Networks/services/rn/vmware-aria-operations-for-networks-release-notes/index.html
- VMware Aria Operations for Networks 6.x HF: KB94152
- Mitre CVE Dictionary Links:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34039
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20890
- FIRST CVSSv3 Calculator:
- CVE-2023-34039: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CVE-2023-20890: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
5. Change Log
- 2023-08-29 VMSA-2023-0018
- Initial security advisory.
- 2023-08-31 VMSA-2023-0018.1
- Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34039 has been published.
Source:
https://www.vmware.com/security/advisories/VMSA-2023-0018.html