Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.0)

medium Nessus Plugin ID 212124

Synopsis

The Nutanix AOS host is affected by multiple vulnerabilities .

Description

The version of AOS installed on the remote host is prior to 7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.0 advisory.

- squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem. (CVE-2021-41072)

- An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). (CVE-2024-45492)

- A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information. (CVE-2024-5564)

- Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. (CVE-2022-40897)

- cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions `Cipher.update_into` would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as `bytes`) to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This now correctly raises an exception. This issue has been present since `update_into` was originally introduced in cryptography 1.8.
(CVE-2023-23931)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the Nutanix AOS software to the recommended version. Before upgrading: if this cluster is registered with Prism Central, ensure that Prism Central has been upgraded first to a compatible version. Refer to the Software Product Interoperability page on the Nutanix portal.

See Also

http://www.nessus.org/u?2b44ce46

Plugin Details

Severity: Medium

ID: 212124

File Name: nutanix_NXSA-AOS-7_0.nasl

Version: 1.6

Type: Local

Family: Misc.

Published: 12/6/2024

Updated: 6/30/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

Percentile: 96.95

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS Score Source: CVE-2021-41072

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2024-45492

CVSS v4

Risk Factor: Medium

Base Score: 6.4

Threat Score: 5.6

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H

CVSS Score Source: CVE-1999-0524

Vulnerability Information

CPE: cpe:/o:nutanix:aos

Required KB Items: Host/Nutanix/Data/lts, Host/Nutanix/Data/Service, Host/Nutanix/Data/Version, Host/Nutanix/Data/arch

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/5/2024

Vulnerability Publication Date: 8/1/1997

Reference Information

CVE: CVE-1999-0524, CVE-2021-40153, CVE-2021-41072, CVE-2022-2880, CVE-2022-40897, CVE-2022-41715, CVE-2023-23931, CVE-2023-27043, CVE-2023-29483, CVE-2023-43804, CVE-2023-4408, CVE-2023-4692, CVE-2023-4693, CVE-2023-50387, CVE-2023-50868, CVE-2023-6597, CVE-2024-0450, CVE-2024-1048, CVE-2024-1753, CVE-2024-22195, CVE-2024-22365, CVE-2024-24786, CVE-2024-25062, CVE-2024-2511, CVE-2024-26458, CVE-2024-26461, CVE-2024-28176, CVE-2024-28180, CVE-2024-3019, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602, CVE-2024-34750, CVE-2024-3651, CVE-2024-37891, CVE-2024-39689, CVE-2024-4032, CVE-2024-45490, CVE-2024-45491, CVE-2024-45492, CVE-2024-45769, CVE-2024-45770, CVE-2024-4603, CVE-2024-4741, CVE-2024-5564, CVE-2024-5742, CVE-2024-6232, CVE-2024-6345, CVE-2024-6923