Detections
Analytics

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.7)

high Nessus Plugin ID 299021

Synopsis

The Nutanix AHV host is affected by multiple vulnerabilities .

Description

The version of AHV installed on the remote host is prior to AHV-10.0.1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.7 advisory.

 - A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for successthe function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability. (CVE-2025-5372)

 - A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the available space, causing the metadata to overwrite and corrupt the user's encrypted data. This action leads to a permanent loss of the stored information. Devices using the LUKS formats other than LUKS1 are not affected by this issue. (CVE-2025-11568)

 - libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. (CVE-2025-59375)

 - Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1. (CVE-2025-40778)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the Nutanix AHV software to the recommended version. Before upgrading: if this cluster is registered with Prism Central, ensure that Prism Central has been upgraded first to a compatible version. Refer to the Software Product Interoperability page on the Nutanix portal.

See Also

http://www.nessus.org/u?8a93afba

Plugin Details

Severity: High

ID: 299021

File Name: nutanix_NXSA-AHV-10_0_1_7.nasl

Version: 1.1

Type: local

Family: Misc.

Published: 2/13/2026

Updated: 2/13/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.1

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-5372

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 7.6

Threat Score: 6.8

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Vulnerability Information

CPE: cpe:/o:nutanix:ahv

Required KB Items: Host/Nutanix/Data/Node/Version, Host/Nutanix/Data/Node/Type

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/13/2026

Vulnerability Publication Date: 6/10/2025

Reference Information

CVE: CVE-2025-11568, CVE-2025-40778, CVE-2025-5372, CVE-2025-59375