#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(308349);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/21");
script_cve_id(
"CVE-2025-15281",
"CVE-2025-61662",
"CVE-2025-69419",
"CVE-2026-0915",
"CVE-2026-22695",
"CVE-2026-22801",
"CVE-2026-24734",
"CVE-2026-25646",
"CVE-2026-25749"
);
script_name(english:"Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.1.7)");
script_set_attribute(attribute:"synopsis", value:
"The Nutanix AOS host is affected by multiple vulnerabilities .");
script_set_attribute(attribute:"description", value:
"The version of AOS installed on the remote host is prior to 7.3.1.7. It is, therefore, affected by multiple
vulnerabilities as referenced in the NXSA-AOS-7.3.1.7 advisory.
- LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable
Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the
png_set_quantize() API function. When the function is called with no histogram and the number of colors in
the palette is more than twice the maximum supported by the user's display, certain palettes will cause
the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer.
The images that trigger this vulnerability are valid per the PNG specification. This vulnerability is
fixed in 1.6.55. (CVE-2026-25646)
- Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP
responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did not complete verification
or freshness checks on the OCSP response which could allow certificate revocation to be bypassed. This
issue affects Apache Tomcat Native: from 1.3.0 through 1.3.4, from 2.0.0 through 2.0.11; Apache Tomcat:
from 11.0.0-M1 through 11.0.17, from 10.1.0-M7 through 10.1.51, from 9.0.83 through 9.0.114. The following
versions were EOL at the time the CVE was created but are known to be affected: from 1.1.23 through
1.1.34, from 1.2.0 through 1.2.39. Older EOL versions are not affected. Apache Tomcat Native users are
recommended to upgrade to versions 1.3.5 or later or 2.0.12 or later, which fix the issue. Apache Tomcat
users are recommended to upgrade to versions 11.0.18 or later, 10.1.52 or later or 9.0.115 or later which
fix the issue. (CVE-2026-24734)
- Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a
BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before
the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have
various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass
conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the
helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the
destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes,
but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is
added to the output length without validation, causing the length to become negative. The subsequent
trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer.
The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-
controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue,
PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to
provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one
zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity
according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this
issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4,
3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.
(CVE-2025-69419)
- Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow
vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The
vulnerability is located in the get_tagfname() function in src/tag.c. When processing help file tags, Vim
copies the user-controlled 'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1 bytes
(typically 4097 bytes) using an unsafe STRCPY() operation without any bounds checking. This issue has been
patched in version 9.1.2132. (CVE-2026-25749)
- A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a
programming error where the gettext command remains registered in memory after its module is unloaded. An
attacker can exploit this condition by invoking the orphaned command, causing the application to access a
memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to
crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not
discarded. (CVE-2025-61662)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://portal.nutanix.com/page/documents/security-advisories/release-advisories/details?id=NXSA-AOS-7.3.1.7
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c9e0f051");
script_set_attribute(attribute:"solution", value:
"Update the Nutanix AOS software to the recommended version. Before upgrading: if this cluster is registered with Prism
Central, ensure that Prism Central has been upgraded first to a compatible version. Refer to the Software Product
Interoperability page on the Nutanix portal.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:P");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2026-24734");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2026-25646");
script_set_attribute(attribute:"cvss4_score_source", value:"CVE-2026-25646");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/09");
script_set_attribute(attribute:"patch_publication_date", value:"2026/04/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/04/21");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:nutanix:aos");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("nutanix_collect.nasl");
script_require_keys("Host/Nutanix/Data/lts", "Host/Nutanix/Data/Service", "Host/Nutanix/Data/Version", "Host/Nutanix/Data/arch");
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
var app_info = vcf::nutanix::get_app_info();
var constraints = [
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.0.5', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.5', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.6', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.7', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.8', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.9', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.10', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.11', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.12', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.14', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.0.5', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.5', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.6', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.7', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.8', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.9', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.10', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.11', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.13', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.14', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.15', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.1', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.5', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.6', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.7', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.1', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.2', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.4', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.5', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.6', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.0.5', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.5', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.6', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.7', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.8', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.9', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.10', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.11', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.12', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '6.10.1.14', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.0.5', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.5', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.6', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.7', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.8', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.9', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.10', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.11', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.13', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.14', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.0.1.15', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.1', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.5', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.6', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.0.7', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.1', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.2', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.4', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.5', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' },
{ 'fixed_version' : '7.3.1.7', 'equal' : '7.3.1.6', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 7.3.1.7 or higher.' }
];
vcf::nutanix::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation