Detections
Analytics

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.1)

high Nessus Plugin ID 164603

Language:

Synopsis

The Nutanix AOS host is affected by multiple vulnerabilities .

Description

The version of AOS installed on the remote host is prior to 6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.1 advisory.

 - xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document. (CVE-2016-4658)

 - NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.
 (CVE-2021-43527)

 - Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
 (CVE-2017-5715)

 - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
 (CVE-2017-5753)

 - Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. (CVE-2017-5754)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the Nutanix AOS software to recommended version.

See Also

http://www.nessus.org/u?38a44d37

Plugin Details

Severity: High

ID: 164603

File Name: nutanix_NXSA-AOS-6_1.nasl

Version: 1.24

Type: local

Family: Misc.

Published: 9/1/2022

Updated: 1/17/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2016-4658

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2021-43527

CVSS v4

Risk Factor: High

Base Score: 8.7

Threat Score: 8.7

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

CVSS Score Source: CVE-2021-22543

Vulnerability Information

CPE: cpe:/o:nutanix:aos

Required KB Items: Host/Nutanix/Data/lts, Host/Nutanix/Data/Service, Host/Nutanix/Data/Version, Host/Nutanix/Data/arch

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/10/2022

Vulnerability Publication Date: 9/7/2016

CISA Known Exploited Vulnerability Due Dates: 12/15/2021, 5/3/2022

Reference Information

CVE: CVE-2016-4658, CVE-2017-5715, CVE-2017-5753, CVE-2017-5754, CVE-2019-19532, CVE-2019-20934, CVE-2020-0427, CVE-2020-11651, CVE-2020-11652, CVE-2020-11668, CVE-2020-14351, CVE-2020-25211, CVE-2020-25645, CVE-2020-25656, CVE-2020-25705, CVE-2020-27777, CVE-2020-28374, CVE-2020-29661, CVE-2020-36385, CVE-2020-7053, CVE-2021-20265, CVE-2021-20271, CVE-2021-20305, CVE-2021-2161, CVE-2021-2163, CVE-2021-22543, CVE-2021-22555, CVE-2021-2341, CVE-2021-2369, CVE-2021-23840, CVE-2021-23841, CVE-2021-2388, CVE-2021-25214, CVE-2021-25215, CVE-2021-26937, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-29154, CVE-2021-29650, CVE-2021-30640, CVE-2021-32399, CVE-2021-33033, CVE-2021-33034, CVE-2021-33037, CVE-2021-33909, CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603, CVE-2021-3653, CVE-2021-3656, CVE-2021-3715, CVE-2021-37576, CVE-2021-40438, CVE-2021-4104, CVE-2021-41617, CVE-2021-42340, CVE-2021-42574, CVE-2021-43527, CVE-2021-44832