VMware Aria Operations Hit By Multiple Vulnerabilities
VMware has recently issued patches to address multiple vulnerabilities affecting its Aria Operations product. The vulnerabilities, responsibly reported to VMware, range in severity from Important to Moderate, with the most severe potentially allowing for local privilege escalation.
One of the vulnerabilities, identified as CVE-2024-38830, could allow a malicious actor with local administrative privileges to escalate privileges to the root user on the appliance running VMware Aria Operations. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.8.
Another Important severity vulnerability, CVE-2024-38831, could allow a malicious actor with local administrative privileges to insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations.
The remaining vulnerabilities are related to stored cross-site scripting (XSS). These vulnerabilities could allow a malicious actor with various levels of access to inject malicious scripts, potentially leading to unauthorized actions or data theft.
The affected versions include VMware Aria Operations 8.x and VMware Cloud Foundation (4.x and 5.x). Users must update to version 8.18.2 or later to address these vulnerabilities.
The company has also expressed gratitude to the security researchers who reported these vulnerabilities, including individuals from MoyunSec Vlab, Michelin CERT, and independent researchers.
