Vulnerabilities in Aria Operations for Networks: What You Need to Know (VMSA-2023-0018)

Impacted Products

The vulnerabilities affect Aria Operations for Networks, specifically versions 6.x.

Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)

Description

The first vulnerability, CVE-2023-34039, is an Authentication Bypass vulnerability. This flaw arises due to a lack of unique cryptographic key generation. VMware has classified this issue as critical, with a maximum CVSSv3 base score of 9.8.

Known Attack Vectors

Malicious actors with network access to Aria Operations for Networks could potentially bypass SSH authentication and gain unauthorized access to the Aria Operations for Networks Command Line Interface (CLI).

Resolution

To address CVE-2023-34039, VMware has released updates. Users are strongly advised to apply these updates as soon as possible.

Workarounds

Unfortunately, there are no known workarounds for this issue. It’s essential to rely on the provided updates for mitigation.

Aria Operations for Networks Arbitrary File Write Vulnerability (CVE-2023-20890)

Description

The second vulnerability, CVE-2023-20890, involves an arbitrary file write vulnerability. VMware classifies this as important, with a maximum CVSSv3 base score of 7.2.

Known Attack Vectors

In this case, an authenticated malicious actor with administrative access to Aria Operations for Networks can write files to arbitrary locations. This could potentially lead to remote code execution, which is a significant security risk.

Resolution

Similar to the first vulnerability, VMware has released updates to address CVE-2023-20890. Users should install these updates promptly.

Workarounds

As with the first vulnerability, no workarounds are known for CVE-2023-20890. Rely on the updates provided by VMware for protection.

Acknowledgments

Before we move on to remediation, it’s essential to acknowledge the responsible disclosure of these vulnerabilities. VMware extends its thanks to Harsh Jaiswal and Rahul Maini of ProjectDiscovery Research, and to Sina Kheirkhah of the Summoning Team, for reporting these issues. Their efforts made these vulnerabilities known and, ultimately, made the product more secure.

Remediation

Now, the most crucial part: how to protect your systems. VMware has released updates for Aria Operations for Networks to address these vulnerabilities. Users are strongly urged to apply the updates as soon as possible. The fixed versions for each impacted product are listed in the ‘Response Matrix.’

Response Matrix

Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation
VMware Aria Operations for Networks | 6.11 | Any | CVE-2023-34039, CVE-2023-20890 | N/A | N/A | Unaffected | N/A | N/A
VMware Aria Operations for Networks | 6.x | Any | CVE-2023-34039, CVE-2023-20890 | 9.8, 7.2 | Critical | KB94152 | None | N/A

References

  1. VMware Aria Operations for Networks 6.11 Release Notes
  2. Downloads and Documentation
  3. VMware Aria Operations for Networks 6.x HF: KB94152
  4. Mitre CVE Dictionary Links:
  5. FIRST CVSSv3 Calculator:
