VMware Aria Automation Flaw Let Hackers Perform SQL Injection Attacks

by Esmeralda McKenzie

VMware has released security updates to address an important SQL injection vulnerability in its Aria Automation product. The vulnerability, tracked as CVE-2024-22280, could allow authenticated attackers to perform unauthorized database operations.

The vulnerability affects VMware Aria Automation version 8.x and VMware Cloud Foundation versions 5.x and 4.x. It carries a CVSS severity score of 8.5 out of 10, indicating high severity.


According to VMware's advisory, the issue stems from improper input validation in Aria Automation. An authenticated malicious user could exploit this by entering specially crafted SQL queries to perform unauthorized read and write operations in the database.

Researchers Alexandre Lavoie and Felix Boulet from Quebec’s Centre Gouvernemental de Cyberdéfense (CGCD) privately reported the vulnerability to VMware.

VMware has released patches to address the vulnerability in affected versions. Customers are strongly advised to update to the latest versions immediately.

For Aria Automation versions earlier than 8.17.0, specific patches are available.

To check whether a VMware Aria Automation installation is vulnerable to CVE-2024-22280, customers can follow these steps:

Check the installed version:

    • Log in to one of the Aria Automation appliances via SSH.
    • Run the command: vracli version patch
    • This will display the current version and patch level.

Compare the version to the affected versions:

    • CVE-2024-22280 affects VMware Aria Automation version 8.x (earlier than 8.17.0).
    • Versions 8.17.0 and above are not affected by this vulnerability.

If running an affected version, check whether the patch is installed:

    • The output of the vracli version patch command should show whether the specific security patch for CVE-2024-22280 is installed.

For VMware Cloud Foundation customers:

    • Check whether you are running versions 5.x or 4.x, which are also affected.

If no patch is present and the version is below 8.17.0, the installation is likely vulnerable.

To remediate the vulnerability:

    • For versions 8.17.0 and above: no action is required, as they are not affected.
    • For versions 8.13.0 to 8.16.2: apply the corresponding patch listed in the VMware knowledge base article.
    • For all affected versions: consider upgrading to version 8.17.0 or later to resolve the vulnerability.

It is essential to apply the necessary patches or upgrades as soon as possible, as this SQL injection vulnerability could allow authenticated attackers to perform unauthorized read and write operations in the database.
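As an added example (not part of the article and not VMware's own tooling), the shell functions below encode the version check described above: they classify an Aria Automation version string against the affected range for CVE-2024-22280 and map it to the remediation the article lists. The article does not show the output format of vracli version patch, so the extraction pattern and the sample output are assumptions.

```shell
#!/bin/sh
# Added example, not from the article or VMware. Ranges follow the article:
# 8.x earlier than 8.17.0 is affected; patches exist for 8.13.0 to 8.16.2;
# 8.17.0 and later are not affected.

# Return 0 if the version is in the affected 8.x range, 1 if not affected,
# 2 if the argument is not a dotted numeric version of the form x.y.z.
aria_version_affected() {
    case "$1" in
        *[!0-9.]* | "" | *..* | .* | *.) return 2 ;;
    esac
    case "$1" in
        *.*.*) ;;
        *) return 2 ;;
    esac
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    [ "$major" -eq 8 ] || return 1     # only the 8.x line is listed as affected
    [ "$minor" -lt 17 ]                # 8.17.0 and above are fixed
}

# Print the remediation the article gives for a version. Returns 2 for an
# unrecognised version string, 0 otherwise.
aria_version_action() {
    rc=0
    aria_version_affected "$1" || rc=$?
    case $rc in
        1) echo "not affected"; return 0 ;;
        2) echo "unrecognised version string: $1"; return 2 ;;
    esac
    minor=$(printf '%s' "$1" | cut -d. -f2)
    patch=$(printf '%s' "$1" | cut -d. -f3)
    # 8.13.0 to 8.16.2 have a dedicated patch; other affected builds must upgrade.
    if [ "$minor" -ge 13 ] && { [ "$minor" -lt 16 ] || [ "$patch" -le 2 ]; }; then
        echo "affected: apply the VMware patch for $1, or upgrade to 8.17.0 or later"
    else
        echo "affected: upgrade to 8.17.0 or later"
    fi
    return 0
}

# Extract the first x.y.z version number from the text printed by
# "vracli version patch". The article does not show that command's output
# format, so this pattern is an assumption to adjust against a real appliance.
aria_version_from_output() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Constructed sample output (not real vracli output), used for a dry run.
SAMPLE_VRACLI_OUTPUT="Version: 8.16.2 (constructed sample output)"

# On an appliance, after logging in via SSH, the check would be:
#   aria_version_action "$(aria_version_from_output "$(vracli version patch)")"
```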

Source credit: cybersecuritynews.com
