VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool.
About the vulnerabilities (CVE-2023-34039, CVE-2023-20890)
CVE-2023-34039 is a network bypass vulnerability arising as a result of a lack of unique cryptographic key generation. It could allow an attacker with network access to Aria Operations for Networks to bypass SSH authentication to gain access to…