Detections
Analytics

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19.2)

medium Nessus Plugin ID 164578

Language:

Synopsis

The Nutanix AOS host is affected by multiple vulnerabilities .

Description

The version of AOS installed on the remote host is prior to 5.19.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.19.2 advisory.

 - Perl before 5.30.3 has an integer overflow related to mishandling of a PL_regkind[OP(n)] == NOTHING situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. (CVE-2020-10878)

 - A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25643)

 - Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. (CVE-2020-15862)

 - The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi- byte input sequences in the EUC-KR encoding, may have a buffer over-read. (CVE-2019-25013)

 - The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c. (CVE-2020-10029)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the Nutanix AOS software to recommended version.

See Also

http://www.nessus.org/u?dcf02d8b

Plugin Details

Severity: Medium

ID: 164578

File Name: nutanix_NXSA-AOS-5_19_2.nasl

Version: 1.11

Type: local

Family: Misc.

Published: 9/1/2022

Updated: 1/13/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:C

CVSS Score Source: CVE-2020-25643

CVSS v3

Risk Factor: High

Base Score: 8.6

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2020-10878

CVSS v4

Risk Factor: Medium

Base Score: 4.8

Threat Score: 4.8

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2020-15862

Vulnerability Information

CPE: cpe:/o:nutanix:aos

Required KB Items: Host/Nutanix/Data/lts, Host/Nutanix/Data/Service, Host/Nutanix/Data/Version, Host/Nutanix/Data/arch

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/24/2022

Vulnerability Publication Date: 1/16/2020

CISA Known Exploited Vulnerability Due Dates: 4/27/2022

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Sudo Heap-Based Buffer Overflow)

Reference Information

CVE: CVE-2019-18282, CVE-2019-25013, CVE-2020-10029, CVE-2020-10543, CVE-2020-10769, CVE-2020-10878, CVE-2020-12723, CVE-2020-14314, CVE-2020-14385, CVE-2020-14779, CVE-2020-14781, CVE-2020-14782, CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14803, CVE-2020-15436, CVE-2020-15862, CVE-2020-1971, CVE-2020-24394, CVE-2020-25212, CVE-2020-25643, CVE-2020-29573, CVE-2020-35513, CVE-2020-8625, CVE-2021-25122, CVE-2021-25329, CVE-2021-3156