False Positives for CVE-2024-6387, CVE-2024-39894 and CVE-2023-25136 in Security Scans on Aria Operations for Logs 8.18.4 or later
search cancel

False Positives for CVE-2024-6387, CVE-2024-39894 and CVE-2023-25136 in Security Scans on Aria Operations for Logs 8.18.4 or later

book

Article ID: 412752

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

Security scanners may continue to report vulnerabilities CVE-2024-6387, CVE-2024-39894 and CVE-2023-25136 on systems running Aria Operations for Logs 8.18.4 or later, despite these issues being addressed in the release. This can lead to confusion regarding the security posture of the deployed environment.

Environment

Aria Operations for Logs 8.18.4
Aria Operations for Logs 8.18.5

Resolution

VMware By Broadcom is aware of CVE-2024-6387, CVE-2024-39894 and CVE-2023-25136.

Please refer to the release notes for existing and forthcoming product releases for any updates in relation to this CVE.

Should you require further information please contact Broadcom Support.

Additional Information

Powered by Wolken Software