Detections
Analytics
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.6)
high Nessus Plugin ID 317994
Synopsis
The Nutanix AOS host is affected by multiple vulnerabilities .Description
The version of AOS installed on the remote host is prior to 7.5.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.6 advisory.- Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue.
(CVE-2026-28421)
- If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why- does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1. (CVE-2026-1519)
- A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction. (CVE-2026-4424)
- A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system. (CVE-2026-5121)
- A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs). (CVE-2025-14831)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the Nutanix AOS software to the recommended version. Before upgrading: if this cluster is registered with Prism Central, ensure that Prism Central has been upgraded first to a compatible version. Refer to the Software Product Interoperability page on the Nutanix portal.See Also
Plugin Details
Severity: High
ID: 317994
File Name: nutanix_NXSA-AOS-7_5_1_6.nasl
Version: 1.1
Type: Local
Family: Misc.
Published: 5/30/2026
Updated: 5/30/2026
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2026-28421
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS v4
Risk Factor: High
Base Score: 7
Threat Score: 3.7
Threat Vector: CVSS:4.0/E:U
Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVSS Score Source: CVE-2026-4519
Vulnerability Information
CPE: cpe:/o:nutanix:aos
Required KB Items: Host/Nutanix/Data/lts, Host/Nutanix/Data/Service, Host/Nutanix/Data/Version, Host/Nutanix/Data/arch
Exploit Ease: No known exploits are available
Patch Publication Date: 5/29/2026
Vulnerability Publication Date: 1/31/2025
Reference Information
CVE: CVE-2025-0938, CVE-2025-10158, CVE-2025-14831, CVE-2025-9820, CVE-2026-1519, CVE-2026-27135, CVE-2026-28417, CVE-2026-28421, CVE-2026-33412, CVE-2026-3497, CVE-2026-4424, CVE-2026-4519, CVE-2026-5121