CISA has advised VMware users to deploy updates for Aria Operations for Networks immediately, following the identification of “multiple” significant vulnerabilities in the network management tool. The first vulnerability, tagged as CVE-2023-34039, is an SSH authentication bypass weakness that was found by security researchers from ProjectDiscovery Research and reported to the company last week.
According to VMware, the vulnerability was caused by a “lack of unique cryptographic key generation” and would allow threat actors to access the command line for the Aria tool without going through SSH authentication. VMware’s advisory states that a hostile actor with network access to Aria Operations for Networks could bypass SSH authentication and access the CLI.
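A defensive audit that follows from the root cause quoted above, added here as an example and not taken from VMware, CISA or ProjectDiscovery: it fingerprints SSH public keys collected from several hosts and reports any key present on more than one of them, which is the signal that key material was not generated per installation. The host names, the sample keys and the assumption that you have already gathered each host's public-key files (for example `authorized_keys` or host `.pub` files) are illustrative.

```python
import base64
import binascii
import hashlib
from collections import defaultdict
KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")

def fingerprint(line):
    """Return (key_type, OpenSSH-style SHA256 fingerprint) for one key line, else None."""
    fields = line.strip().split()
    if not fields or fields[0].startswith("#"):
        return None
    # Options such as command="..." may precede the key type, so scan for it.
    for i, field in enumerate(fields[:-1]):
        if not field.startswith(KEY_PREFIXES):
            continue
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
        except (binascii.Error, ValueError):
            continue
        # A real key blob starts with a length-prefixed copy of its key type.
        if blob[4:4 + int.from_bytes(blob[:4], "big")] != field.encode():
            continue
        digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
        return field, "SHA256:" + digest.rstrip("=")
    return None

def shared_keys(inventory):
    """Map fingerprint -> sorted host list for every key seen on more than one host."""
    seen = defaultdict(set)
    for host, text in inventory.items():
        for line in text.splitlines():
            fp = fingerprint(line)
            if fp:
                seen[fp[1]].add(host)
    return {fp: sorted(hosts) for fp, hosts in seen.items() if len(hosts) > 1}

def constructed_key(fill):
    """Constructed sample: a well-formed ssh-ed25519 blob of filler bytes, not a real key."""
    t = b"ssh-ed25519"
    blob = len(t).to_bytes(4, "big") + t + (32).to_bytes(4, "big") + bytes([fill]) * 32
    return "ssh-ed25519 " + base64.b64encode(blob).decode()

SAMPLE = {  # constructed inventory: host name -> collected public-key file contents
    "appliance-a": constructed_key(1) + " support@image\n",
    "appliance-b": 'command="echo hi" ' + constructed_key(1) + " x\n" + constructed_key(2) + " admin@b\n",
    "appliance-c": "# local only\n" + constructed_key(3) + " admin@c\n",
}
if __name__ == "__main__":
    print(shared_keys(SAMPLE))
```

The fingerprints use the same `SHA256:` form that `ssh-keygen -lf` prints, so a hit can be cross-checked by hand on the affected hosts.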