6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%
According to its self-reported version, the instance of VMWare Aria Operations (formerly vRealize Operations) running on the remote web server is < 8.16.0.23251571. It is, therefore, affected by the following:
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(190887);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/22");
script_cve_id("CVE-2024-22235");
script_xref(name:"VMSA", value:"2024-0004");
script_xref(name:"IAVA", value:"2024-A-0109");
script_name(english:"VMWare Aria Operations < 8.16 PrivEsc (VMSA-2024-0004)");
script_set_attribute(attribute:"synopsis", value:
"A web application running on the remote server is affected by a privilege escalation vulnerability.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the instance of VMWare Aria Operations (formerly vRealize Operations) running on the remote web
server is < 8.16.0.23251571. It is, therefore, affected by the following:
- VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative
access to the local system can escalate privileges to 'root'.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://www.vmware.com/security/advisories/VMSA-2024-0004.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4b75b4b7");
script_set_attribute(attribute:"see_also", value:"https://kb.vmware.com/s/article/92148");
# https://docs.vmware.com/en/VMware-Aria-Operations/8.16/rn/vmware-aria-operations-816-release-notes/index.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?316a78f9");
script_set_attribute(attribute:"solution", value:
"Upgrade to VMWare Aria Operations 8.16.0.1706185032 or later, or follow the steps in KB 92148.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-22235");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/02/20");
script_set_attribute(attribute:"patch_publication_date", value:"2024/02/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/22");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:vmware:vrealize_operations");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("vmware_vrealize_operations_manager_webui_detect.nbin");
script_require_keys("installed_sw/vRealize Operations Manager");
script_require_ports("Services/www", 443);
exit(0);
}
include('vcf.inc');
include('http.inc');
var app = 'vRealize Operations Manager';
get_install_count(app_name:app, exit_if_zero:TRUE);
var port = get_http_port(default:443);
var app_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);
var constraints = [
{'min_version':'4.0', 'fixed_version':'8.16.0.23251571'}
];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
Vendor | Product | Version | CPE |
---|---|---|---|
vmware | vrealize_operations | cpe:/a:vmware:vrealize_operations |
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
9.1%