VMSA-2024-0002 – VMware Aria Operations for Networks – multiple vulnerabilities
Multiple vulnerabilities in Aria Operations for Networks were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products.
CVE(s):
CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241
Impacted Products:
VMware Aria Operations for Networks (formerly vRealize Network Insight)
- Local Privilege Escalation Vulnerability (CVE-2024-22237)
Description: Aria Operations for Networks contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.
Known Attack Vectors: A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
Resolution: To remediate CVE-2024-22237, apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Workarounds: None.
- Cross-Site Scripting Vulnerability (CVE-2024-22238)
Description: Aria Operations for Networks contains a cross-site scripting vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.4.
Known Attack Vectors: A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.
Resolution: To remediate CVE-2024-22238, apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Workarounds: None.
- Local Privilege Escalation Vulnerability (CVE-2024-22239)
Description: Aria Operations for Networks contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Known Attack Vectors: A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
Resolution: To remediate CVE-2024-22239, apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Workarounds: None.
- Local File Read Vulnerability (CVE-2024-22240)
Description: Aria Operations for Networks contains a local file read vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.9.
Known Attack Vectors: A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information.
Resolution: To remediate CVE-2024-22240, apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Workarounds: None.
- Cross-Site Scripting Vulnerability (CVE-2024-22241)
Description: Aria Operations for Networks contains a cross-site scripting vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.3.
Known Attack Vectors: A malicious actor with admin privileges can inject a malicious payload into the login banner and take over the user account.
Resolution: To remediate CVE-2024-22241, apply the patches listed in the ‘Fixed Version’ column of the ‘Response Matrix’ found below.
Workarounds: None.
Response Matrix:

| Product | Version | CVE Identifier | CVSSv3 | Severity | Fixed Version |
| --- | --- | --- | --- | --- | --- |
| Aria Operations for Networks | 6.12 | CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 | N/A | N/A | Unaffected |
| Aria Operations for Networks | 6.x | CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 | 7.8, 6.4, 5.3, 4.9, 4.3 | Important | KB96450 |
References:
VMware Aria Operations for Networks Release Notes
