Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware’s Aria Operations for Networks analysis tool (formerly known as vRealize Network Insight).
The flaw (tracked as CVE-2023-34039) was found by security analysts at ProjectDiscovery Research and patched by VMware on Wednesday with the release of version 6.11.
Successful exploitation enables remote attackers to bypass SSH authentication on unpatched appliances and access the tool’s…