Impacted Products
The vulnerabilities affect Aria Operations for Networks, specifically versions 6.x.
Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)
Description
The first vulnerability, CVE-2023-34039, is an Authentication Bypass vulnerability. This flaw arises due to a lack of unique cryptographic key generation. VMware has classified this issue as critical, with a maximum CVSSv3 base score of 9.8.
Known Attack Vectors
Malicious actors with network access to Aria Operations for Networks could potentially bypass SSH authentication and gain unauthorized access to the Aria Operations for Networks Command Line Interface (CLI).
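The root cause stated above is that the appliance does not generate a unique cryptographic key. One defensive check that follows from that, added here as an example and not taken from VMware or the advisory: collect the SSH public keys your appliances present (host keys or authorized_keys entries; the advisory does not say which key is affected) and flag any fingerprint that appears on more than one host. The host names and keys below are constructed for the demonstration.

```python
import base64
import hashlib
import struct
from collections import defaultdict


def ssh_fingerprint(pubkey_line: str) -> str:
    """Return the OpenSSH-style SHA256 fingerprint of one public-key line."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("not an OpenSSH public key line")
    blob = base64.b64decode(fields[1])
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the base64 digest without '=' padding.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def find_shared_keys(keys_by_host: dict) -> dict:
    """Map each fingerprint seen on more than one host to the sorted host names."""
    hosts_by_fp = defaultdict(list)
    for host, lines in keys_by_host.items():
        for line in lines:
            if not line.strip() or line.startswith("#"):
                continue
            hosts_by_fp[ssh_fingerprint(line)].append(host)
    return {fp: sorted(hosts) for fp, hosts in hosts_by_fp.items() if len(hosts) > 1}


def _fake_ed25519_key(seed: int) -> str:
    """Build a syntactically valid ssh-ed25519 line (constructed bytes, not a real key)."""
    raw = hashlib.sha256(seed.to_bytes(4, "big")).digest()  # 32 arbitrary bytes
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " appliance-key"


# Constructed inventory (hypothetical host names): two appliances share a key.
SAMPLE_INVENTORY = {
    "aria-01.example.test": [_fake_ed25519_key(1)],
    "aria-02.example.test": [_fake_ed25519_key(1)],
    "aria-03.example.test": [_fake_ed25519_key(2)],
}

if __name__ == "__main__":
    for fp, hosts in find_shared_keys(SAMPLE_INVENTORY).items():
        print(f"{fp} is shared by: {', '.join(hosts)}")
```

In a real audit, replace SAMPLE_INVENTORY with the key lines gathered from each appliance (for host keys, ssh-keyscan output is one source); any shared fingerprint is a host set to patch first.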
Resolution
To address CVE-2023-34039, VMware has released updates. Users are strongly advised to apply these updates as soon as possible.
Workarounds
Unfortunately, there are no known workarounds for this issue. It’s essential to rely on the provided updates for mitigation.
Aria Operations for Networks Arbitrary File Write Vulnerability (CVE-2023-20890)
Description
The second vulnerability, CVE-2023-20890, involves an arbitrary file write vulnerability. VMware classifies this as important, with a maximum CVSSv3 base score of 7.2.
Known Attack Vectors
In this case, an authenticated malicious actor with administrative access to Aria Operations for Networks can write files to arbitrary locations. This could potentially lead to remote code execution, which is a significant security risk.
Resolution
Similar to the first vulnerability, VMware has released updates to address CVE-2023-20890. Users should install these updates promptly.
Workarounds
As with the first vulnerability, no workarounds are known for CVE-2023-20890. Rely on the updates provided by VMware for protection.
Acknowledgments
Before we move on to remediation, it’s essential to acknowledge the responsible disclosure of these vulnerabilities. VMware extends its thanks to Harsh Jaiswal and Rahul Maini of ProjectDiscovery Research, and Sina Kheirkhah of the Summoning Team, for reporting these issues. Their efforts have made these vulnerabilities known and, ultimately, the product more secure.
Remediation
Now, the most crucial part: how to protect your systems. VMware has released updates for Aria Operations for Networks to address these vulnerabilities. Users are strongly urged to apply the updates as soon as possible. The fixed versions for each impacted product are listed in the ‘Response Matrix’.
Response Matrix
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation
--- | --- | --- | --- | --- | --- | --- | --- | ---
VMware Aria Operations for Networks | 6.11 | Any | CVE-2023-34039, CVE-2023-20890 | N/A | N/A | Unaffected | N/A | N/A
VMware Aria Operations for Networks | 6.x | Any | CVE-2023-34039, CVE-2023-20890 | 9.8, 7.2 | Critical | KB94152 | None | N/A
References
- VMware Aria Operations for Networks 6.11 Release Notes
- Downloads and Documentation
- VMware Aria Operations for Networks 6.x HF: KB94152
- Mitre CVE Dictionary Links:
- FIRST CVSSv3 Calculator: