VMware Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)

VMware Aria Operations for Networks Authentication Bypass Vulnerability (CVE-2023-34039)


Overview

Recently, NSFOCUS CERT detected an Authentication Bypass vulnerability in VMware Aria Operations for Networks.

Due to the lack of unique cryptographic key generation, Aria Operations for Networks is susceptible to an authentication bypass vulnerability. Attackers with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI. Successful exploitation of this vulnerability could lead to configuration…



Source link