CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

VMware Patches High-Severity Vulnerabilities in Aria Operations

The company warns that malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks.

VMware vulnerability

Virtualization software vendor VMware on Tuesday released a high-severity bulletin with patches for at least five security defects in its Aria Operations product.

The company documented five distinct vulnerabilities in the cloud IT operations platform and warned that malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks.

Here are the details from VMware’s VMSA-2024-0022 bulletin

  • CVE-2024-38830 – Local privilege escalation vulnerability (CVSS 7.8). Exploitable by actors with local administrative privileges to gain root access on the appliance.
  • CVE-2024-38831 – Local privilege escalation vulnerability (CVSS 7.8). Enables malicious commands via properties file modifications, allowing privilege escalation to root.
  • CVE-2024-38832 – Stored cross-site scripting vulnerability (CVSS 7.1). Allows script injection by users with editing access to views.
  • CVE-2024-38833 – Stored cross-site scripting vulnerability (CVSS 6.8). Permits malicious script injection through email templates.
  • CVE-2024-38834 – Stored cross-site scripting vulnerability (CVSS 6.5). Targets cloud provider editing functionality for script injection.

The company said the vulnerabilities affect VMware Aria Operations (version 8.x), and VMware Cloud Foundation (versions 4.x and 5.x utilizing Aria Operations).

Corporate users are urged to apply the available patches urgently with VMware noting that there are no available workarounds.

VMware virtualization technology products have been a major target for advanced hacking groups.  The CISA Known Exploited Vulnerabilities (KEV) catalog includes multiple entries for VMware defects, including at least one for VMware Aria Operations.

Related: Hard-to-Fix VMware vCenter Server Flaw Being Exploited

Related: VMware Struggles to Fix Flaw Exploited at Chinese Hacking Contest

Related: VMware Patches High-Severity SQL Injection Flaw in HCX Platform

Advertisement. Scroll to continue reading.

Related: VMware Patches RCE Flaw Found in Chinese Hacking Contest

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.