Flash Notices

Flash Notice: Two Vulnerabilities Found in Aria Operations for Networks

Written by Marketing | Aug 31, 2023 2:45:36 PM

overview

This week, VMware fixed two vulnerabilities found in Aria Operations for Networks. According to VMware, the first vulnerability, CVE-2023-34039, has a CVSS score of 9.8 and is an authentication bypass vulnerability due to lack of unique cryptographic key generation. The second vulnerability, CVE-2023-20890, has a CVSS score of 7.2 and is an arbitrary write file vulnerability.  

According to VMware’s advisory, CVE-2023-34039 is critical and could allow attackers with network access to Aria Operations for Networks to bypass SSH authentication, ultimately gaining access to the Aria Operations for Networks CLI.  

CVE-2023-20890 is a high-severity vulnerability and attackers with administrative privileges can exploit it to write files in any location and achieve remote code execution. Both vulnerabilities impact the following VMware Aria Operations for Networks versions:  

  • 6.2 
  • 6.3 
  • 6.4 
  • 6.5.1 
  • 6.6 
  • 6.7 
  • 6.8 
  • 6.9 
  • 6.10 

VMware has addressed CVE-2023-34039 and CVE-2023-20890 with patches for each of the above versions. VMware security issues are an attractive target for cybercriminals. Avertium recommends that users update to the latest version of Aria Operations for Networks as soon as possible.  

 

 

avertium's recommendationS

Avertium recommends applying the updates found in VMware’s advisory for CVE-2023-34039 and CVE-2023-20890.  
  • Version 6.11.0 comes with fixes for both vulnerabilities.  

 

 

INDICATORS OF COMPROMISE (IoCs)

At this time, there are no known IoCs associated with CVE-2023-34039 or CVE-2023-20890. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.   

 

 

How Avertium is Protecting Our CUSTOMERS

  • Fusion MXDR is the first MDR offering that fuse together all aspects of security operations into a living, breathing, threat-resistant XDR solution. By fusing insights from threat intelligence, security assessments, and vulnerability management into our MDR approach, Fusion MXDR offers a more informed, robust, and cost-effective approach to cybersecurity – one that is greater than the sum of its parts. 
  • Avertium offers Vulnerability Management (VM) to provide a deeper understanding and control over organizational information security risks.  If your enterprise is facing challenges with the scope, resources, or skills required to implement a vulnerability management program with your team, outsourced solutions can help you bridge the gap. 







SUPPORTING DOCUMENTATION

VMSA-2023-0018 (vmware.com) 

Critical RCE flaw impacts VMware Aria Operations Networks (securityaffairs.com) 

Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks (thehackernews.com)