VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039) – Help Net Security

Spread the love


VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool.

About the vulnerabilities (CVE-2023-34039, CVE-2023-20890)

CVE-2023-34039 is a network bypass vulnerability arising as a result of a lack of unique cryptographic key generation. It could allow an attacker with network access to Aria Operations for Networks to bypass SSH authentication to gain access to…



Source link