VMSA-2023-0018:VMware Aria Operations for Networks updates address multiple vulnerabilities.

VMware Tanzu Application Service

0 more products

23663

29 August 2023

28 August 2023

CLOSED

CRITICAL

7.2 - 9.8

CVE-2023-34039,CVE-2023-20890

VMSA-2023-0018.1
7.2 - 9.8
2023-08-29
2023-08-31
CVE-2023-34039, CVE-2023-20890
VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-34039, CVE-2023-20890)
1. Impacted Products
  • Aria Operations for Networks 

2. Introduction

Multiple vulnerabilities in Aria Operations for Networks were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.

3a. Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)

Description

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. VMware has evaluated the severity of this issue to be in the critical severity range with a maximum CVSSv3 base score of 9.8.

Known Attack Vectors

A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.

Resolution

To remediate CVE-2023-34039 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below.

Workarounds

None.

Additional Documentation

None.

Notes

Aria Operations for Networks collectors are impacted by CVE-2023-34039, however, upgrading the platform appliance remediates this issue. VMware has confirmed that exploit code for CVE-2023-34039 has been published.

Acknowledgements

VMware would like to thank Harsh Jaiswal and Rahul Maini at ProjectDiscovery Research for reporting this issue to us.

3b. Aria Operations for Networks Arbitrary File Write Vulnerability (CVE-2023-20890)

Description

Aria Operations for Networks contains an arbitrary file write vulnerability. VMware has evaluated the severity of this issue to be in the important severity range with a maximum CVSSv3 base score of 7.2.

Known Attack Vectors

An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.

Resolution

To remediate CVE-2023-20890 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below.

Workarounds

None.

Additional Documentation

None.

Notes

None.

Acknowledgements

VMware would like to thank Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) for reporting this issue to us.

Response Matrix

Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version Workarounds Additional Documentation
VMware Aria Operations for Networks
Any
CVE-2023-34039, CVE-2023-20890
N/A
N/A
Unaffected
N/A
N/A
VMware Aria Operations Networks
6.x
Any
CVE-2023-34039, CVE-2023-20890
critical
None
N/A
4. References
5. Change Log

2023-08-29 VMSA-2023-0018

Initial security advisory.

2023-08-31 VMSA-2023-0018.1

Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34039 has been published.

6. Contact

E-mail list for product security notifications and announcements:

http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:
[email protected]

E-mail: [email protected]

PGP key at:
https://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2023 VMware Inc. All rights reserved.