Detections
Analytics

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.0)

medium Nessus Plugin ID 164597

Language:

Synopsis

The Nutanix AOS host is affected by multiple vulnerabilities .

Description

The version of AOS installed on the remote host is prior to 6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.0 advisory.

 - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. (CVE-2021-26937)

 - Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
 (CVE-2017-5715)

 - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
 (CVE-2017-5753)

 - Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. (CVE-2017-5754)

 - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16;
 Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. (CVE-2021-2163)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the Nutanix AOS software to recommended version.

See Also

http://www.nessus.org/u?2a3342a9

Plugin Details

Severity: Medium

ID: 164597

File Name: nutanix_NXSA-AOS-6_0.nasl

Version: 1.20

Type: local

Family: Misc.

Published: 9/1/2022

Updated: 1/20/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-26937

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 4.8

Threat Score: 4.8

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2020-15862

Vulnerability Information

CPE: cpe:/o:nutanix:aos

Required KB Items: Host/Nutanix/Data/lts, Host/Nutanix/Data/Service, Host/Nutanix/Data/Version, Host/Nutanix/Data/arch

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/29/2022

Vulnerability Publication Date: 1/3/2018

CISA Known Exploited Vulnerability Due Dates: 4/27/2022

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Sudo Heap-Based Buffer Overflow)

Reference Information

CVE: CVE-2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2019-19532, CVE-2019-25013, CVE-2020-0427, CVE-2020-10029, CVE-2020-10543, CVE-2020-10878, CVE-2020-12723, CVE-2020-14351, CVE-2020-15436, CVE-2020-15862, CVE-2020-25211, CVE-2020-25645, CVE-2020-25656, CVE-2020-25705, CVE-2020-28374, CVE-2020-29573, CVE-2020-29661, CVE-2020-35513, CVE-2020-7053, CVE-2020-8625, CVE-2021-20265, CVE-2021-20305, CVE-2021-2161, CVE-2021-2163, CVE-2021-25122, CVE-2021-25215, CVE-2021-25329, CVE-2021-26937, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-3156