The version of AOS installed on the remote host is prior to 6.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.0.1 advisory.

  - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write     access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character     sequence. (CVE-2021-26937)

  - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java     SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16;
    Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to     exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to     compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks require human     interaction from a person other than the attacker. Successful attacks of this vulnerability can result in     unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded,     Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments     that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox     for security. (CVE-2021-2163)

  - In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases     in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no     longer supported by ISC. From inspection it is clear that the defect is also present in releases from     those series, but they have not been officially tested for the vulnerability), The outcome of encountering     the defect while reading a lease that will trigger it varies, according to: the component being affected     (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler     flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced     the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when     reading an improper lease, which could cause network connectivity problems for an affected system due to     the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd     server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to     the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in     lack of service to clients. Additionally, the offending lease and the lease immediately following it in     the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit     architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not     occur, but it is possible for the offending lease and the lease which immediately followed it to be     improperly deleted. (CVE-2021-25217)

  - Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java     SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16;
    Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to     exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to     compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks of this     vulnerability can result in unauthorized creation, deletion or modification access to critical data or all     Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability     applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and     rely on the Java sandbox for security. It can also be exploited by supplying untrusted data to APIs in the     specified Component. (CVE-2021-2161)

  - A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions     (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being     called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to     force an invalid signature, causing an assertion failure or possible validation. The highest threat to     this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-20305)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.0.1)

critical Nessus Plugin ID 164614

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.8 Jan 15, 2025, 3:48 PM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Plugin metadata Plugin Feed: 202501151548
Version 1.7 Dec 10, 2024, 2:49 AM CVE (set "CVE" coverage to "CVE-2020-8648,CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-27170,CVE-2021-2163,CVE-2021-3347,CVE-2021-20305,CVE-2021-25215,CVE-2021-25217,CVE-2021-26937,CVE-2021-27219") CVSS metrics ("Cvssv4 score" set to 0.0) CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") CVSSv2 severity (based on None, severity decreased from "High" to "Low") Plugin metadata Plugin Feed: 202412100249
Version 1.6 Oct 6, 2023, 6:56 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Detection Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202310061856
Version 1.5 Feb 23, 2023, 6:16 PM Plugin metadata Plugin Feed: 202302231816
Version 1.4 Jan 27, 2023, 10:34 PM Regenerated based on advisory update Plugin Feed: 202301272234
Version 1.3 Dec 6, 2022, 4:40 AM Reference Plugin Feed: 202212060440