VMware Aria Automation SQLi Vulnerability (VMSA-2024-0017)

high Nessus Plugin ID 202622

Synopsis

A device management application running on the remote host is affected by an access control vulnerability.

Description

The VMware Aria Automation application running on the remote host is affected by a SQL injection vulnerability due to incorrect input validation which allows for SQL-injection in the product. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to VMware Aria Automation version 8.17.0 or later or apply the appropriate patch as advised in the vendor advisory.

See Also

http://www.nessus.org/u?e3dcb09a

Plugin Details

Severity: High

ID: 202622

File Name: vmware_aria_automation_VMSA_2024_0017.nasl

Version: 1.3

Type: combined

Family: Misc.

Published: 7/18/2024

Updated: 7/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 8.5

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:N

CVSS Score Source: CVE-2024-22280

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:vrealize_automation

Exploit Ease: No known exploits are available

Patch Publication Date: 7/10/2024

Vulnerability Publication Date: 7/10/2024

Reference Information

CVE: CVE-2024-22280

IAVA: 2024-A-0434

VMSA: 2024-0017