VMSA-2024-0002:VMware Aria Operations for Networks (Formerly vRealize Network Insight) updates address multiple vulnerabilities
23681
04 February 2024
04 February 2024
CLOSED
HIGH
4.3 - 7.8
CVE-2024-22237,CVE-2024-22238,CVE-2024-22239,CVE-2024-22240,CVE-2024-22241
1. Impacted Products
VMware Aria Operations for Networks (formerly vRealize Network Insight)
2. Introduction
Multiple vulnerabilities in Aria Operations for Networks were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
3a. Local Privilege Escalation vulnerability (CVE-2024-22237)
Description
Aria Operations for Networks contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.
Known Attack Vectors
A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
Resolution
To remediate CVE-2024-22237, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds
None.
Additional Documentation
None.
Notes
None.
Acknowledgements
VMware would like to thank Mourad Barhi of Rabobank for reporting this issue to us.
3b. Cross Site Scripting vulnerability (CVE-2024-22238)
Description
Aria Operations for Networks contains a cross site scripting vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.4.
Known Attack Vectors
A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.
Resolution
To remediate CVE-2024-22238, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds
None.
Additional Documentation
None.
Notes
None.
Acknowledgements
VMware would like to thank Kajetan Rostojek and Tomasz Holeksa of ING Hubs Poland for reporting this vulnerability to us.
3c. Local Privilege Escalation vulnerability (CVE-2024-22239)
Description
Aria Operations for Networks contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Known Attack Vectors
A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
Resolution
To remediate CVE-2024-22239, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds
None.
Additional Documentation
None.
Notes
None.
Acknowledgements
VMware would like to thank Mourad Barhi of Rabobank for reporting this issue to us.
3d. Local File Read vulnerability (CVE-2024-22240)
Description
Aria Operations for Networks contains a local file read vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.9.
Known Attack Vectors
A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information.
Resolution
To remediate CVE-2024-22240, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds
None.
Additional Documentation
None.
Notes
None.
Acknowledgements
VMware would like to thank Rahul Maini and Harsh Jaiswal of ProjectDiscovery Research Team for reporting this issue to us.
3e. Cross Site Scripting vulnerability (CVE-2024-22241)
Description
Aria Operations for Networks contains a cross site scripting vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3.
Known Attack Vectors
A malicious actor with admin privileges can inject a malicious payload into the login banner and take over the user account.
Resolution
To remediate CVE-2024-22241, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found below.
Workarounds
None.
Additional Documentation
None.
Notes
None.
Acknowledgements
VMware would like to thank Kajetan Rostojek and Tomasz Holeksa of ING Hubs Poland for reporting this issue to us.
Response Matrix
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
--- | --- | --- | --- | --- | --- | --- | --- | --- |
Aria Operations for Networks | 6.12 | Any | CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 | N/A | N/A | Unaffected | N/A | N/A |
Aria Operations for Networks | 6.x | Any | CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 | 7.8, 6.4, 5.3, 4.9, 4.3 | Important | 6.12 | None | None |
4. References
Fixed Version(s) and Release Notes:
Aria Operations for Networks
Downloads and Documentation:
https://kb.vmware.com/s/article/96450
Mitre CVE Dictionary Links:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22237
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22238
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22239
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22240
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22241
FIRST CVSSv3 Calculator:
CVE-2024-22237: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2024-22238: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:H
CVE-2024-22239: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2024-22240: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE-2024-22241: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
5. Change Log
2024-02-06 VMSA-2024-0002
Initial security advisory.
6. Contact
E-mail: [email protected]
PGP key at:
https://kb.vmware.com/kb/1055
VMware Security Advisories
https://www.vmware.com/security/advisories
VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html
VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html
VMware Security & Compliance Blog
https://blogs.vmware.com/security
Twitter
https://twitter.com/VMwareSRC
Copyright 2024 Broadcom. All rights reserved.