The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.102001 advisory.

  - squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different     vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link     and then contents under the same filename in a filesystem can cause unsquashfs to first create the     symbolic link pointing outside the expected directory, and then the subsequent write operation will cause     the unsquashfs process to write through the symbolic link elsewhere in the filesystem. (CVE-2021-41072)

  - linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login     process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. (CVE-2024-22365)

  - An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7,     3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks     during cleanup of permissions-related errors. This means users which can run privileged programs are     potentially able to modify permissions of files referenced by symlinks in some circumstances.
    (CVE-2023-6597)

  - An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and     3.8.18 and prior. The zipfile module is vulnerable to quoted-overlap zip-bombs which exploit the zip     format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile     module reject zip archives which overlap entries in the archive. (CVE-2024-0450)

  - The DNS message parsing code in `named` includes a section whose computational complexity is overly high.
    It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive     CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative     servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through     9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1     through 9.18.21-S1. (CVE-2023-4408)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.102001)

medium Nessus Plugin ID 208276

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.5 Feb 19, 2025, 2:36 PM CVE (set "CVE" coverage to "CVE-1999-0524,CVE-2021-40153,CVE-2021-41072,CVE-2022-2880,CVE-2022-41715,CVE-2023-4408,CVE-2023-6004,CVE-2023-6597,CVE-2023-6918,CVE-2023-36617,CVE-2023-50387,CVE-2023-50868,CVE-2024-0450,CVE-2024-1753,CVE-2024-2494,CVE-2024-2961,CVE-2024-22195,CVE-2024-22365,CVE-2024-24786,CVE-2024-25062,CVE-2024-27280,CVE-2024-27281,CVE-2024-27282,CVE-2024-28180,CVE-2024-33599,CVE-2024-33600,CVE-2024-33601,CVE-2024-33602,CVE-2024-35176") CVSS metrics ("Cvssv4 score" set to 6.4) CVSS metrics ("Cvssv4 threat vector" set to "CVSS:4.0/E:P") CVSS metrics ("Cvssv4 vector" set to "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H") CVSSv2 severity (based on CVE-1999-0524, severity decreased from "High" to "Medium") Detection (updated detection logic) Exploit attributes ("Exploit framework metasploit" changed from "True" to none) Plugin metadata Plugin Feed: 202502191436
Version 1.4 Feb 17, 2025, 8:34 PM IAVM reference Plugin Feed: 202502172034
Version 1.3 Oct 21, 2024, 9:27 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Exploit attributes ("Exploit framework metasploit" set to "True") Plugin Feed: 202410210927
Version 1.2 Oct 11, 2024, 5:40 PM IAVM reference STIG Severity (set to "I") Plugin Feed: 202410111740
Version 1.1 Oct 8, 2024, 10:36 PM New Plugin Feed: 202410082236