
VMware Aria Automation Access Control Vulnerability (VMSA-2024-0001)


CVSS3

9.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H

AI Score

8.3

Confidence

High

EPSS

0

Percentile

9.8%

The VMware Aria Automation application running on the remote host is prior to 8.11.0 Build 30127, 8.12.0 Build 31368, 8.13.0 Build 32385, 8.14.1 Build 33501, or 8.16.0.
It is, therefore, affected by a missing access control vulnerability. An authenticated malicious actor may exploit this vulnerability, leading to unauthorized access to remote organizations and workflows.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

# Registration branch: when the scanner loads the plugin with 'description'
# set, only the metadata below is recorded; exit(0) keeps the version check
# further down from running in that mode.
if (description)
{
  script_id(189244);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/26");

  script_cve_id("CVE-2023-34063");
  script_xref(name:"VMSA", value:"2024-0001");

  script_name(english:"VMware Aria Automation Access Control Vulnerability (VMSA-2024-0001)");

  script_set_attribute(attribute:"synopsis", value:
"A device management application running on the remote host is affected
by an access control vulnerability.");
  script_set_attribute(attribute:"description", value:
"The VMware Aria Automation application running on the remote host
is prior to 8.11.0 Build 30127, 8.12.0 Build 31368, 8.13.0 Build 32385, 8.14.1 Build 33501, or 8.16.0.
It is, therefore, affected by a missing access control vulnerability. An authenticated malicious 
actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.");
  script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2024-0001.html");
  script_set_attribute(attribute:"solution", value:
"Upgrade to VMware Aria Automation version 8.16 or later or apply the appropriate patch as advised 
in the vendor advisory.");
  # Scoring vectors. NOTE(review): the CVSS 3.0 base vector below is scoped
  # S:U, whereas the CVSS:3.1 vector published for CVE-2023-34063 is S:C
  # (9.9 base). The unchanged-scope form rates the issue lower -- confirm
  # which scoring is intended.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-34063");

  # Exploit status as of plugin version 1.2; consistent with E:U in the
  # temporal vectors above.
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/01/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/19");

  # 'combined': the version can come from either the SSH-based detection or
  # the web UI detection named in script_dependencies below.
  script_set_attribute(attribute:"plugin_type", value:"combined");
  # The CPE keeps the product's former name (vRealize Automation); it
  # matches the app name the check below looks up.
  script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:vrealize_automation");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Two detection paths feed the KB keys listed in require_ports; presumably
  # either key being present is enough for the plugin to run.
  script_dependencies("ssh_get_info.nasl", "vmware_vrealize_automation_webui_detect.nbin");
  script_require_ports("Host/VMware vRealize Automation/Version", "installed_sw/VMware vRealize Automation");

  exit(0);
}

include('misc_func.inc');
include('http_func.inc');
include('webapp_func.inc');
include('vcf.inc');
include('vcf_extras.inc');


# Product name as registered by the detection plugins. VMware renamed
# vRealize Automation to Aria Automation, but the KB keys and CPE in the
# description block keep the old name, so the lookup must too.
var app_name = 'VMware vRealize Automation';

# Installed version/build, from the SSH or web UI detection. vcf helper;
# presumably exits without reporting when nothing was detected -- confirm
# in vcf_extras.inc.
var app_info = vcf::vmware_aria_auto::get_app_info(app:app_name);

# Vulnerable ranges, one per supported branch. In vcf's usual convention a
# version at or above min_version and below fixed_version (or at or below
# max_version, inclusive) is flagged; the fourth component of fixed_version
# appears to be the build number quoted in the advisory. The first entry
# catches every release older than the 8.11 branch and only offers the
# generic 'upgrade to 8.16' remediation.
# NOTE(review): no entry covers an 8.15.x version; if such builds exist and
# are affected they would go unflagged -- confirm against VMSA-2024-0001.
var constraints = [
  { 'min_version' : '4.0', 'max_version' : '8.11', 'fixed_display': 'Upgrade to 8.16 or later'},
  { 'min_version' : '8.11.0.0', 'fixed_version' : '8.11.2.30127', 'fixed_display': '8.11.0 Build 30127'},
  { 'min_version' : '8.12.0.0', 'fixed_version' : '8.12.2.31368', 'fixed_display': '8.12.0 Build 31368'},
  { 'min_version' : '8.13.0.0', 'fixed_version' : '8.13.1.32385', 'fixed_display': '8.13.0 Build 32385'},
  { 'min_version' : '8.14.0.0', 'fixed_version' : '8.14.1.33501', 'fixed_display': '8.14.1 Build 33501'}
];

# Reports the first matching entry with its fixed_display text.
# SECURITY_HOLE matches the high/critical rating. The check is purely
# version-based: nothing is sent to the target to exercise the flaw, so a
# host patched without a build-number change could still be reported.
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

