VMware patches Aria SSH bypass bug

File upload bug also fixed.

VMware is warning Aria Operations for Networks users they need to patch against a number of security vulnerabilities, including one that lets an attacker bypass SSH authentication.

Aria Operations for Networks, formerly vRealize Network Insight, is a network and application monitoring tool that provides a cross-cloud digital twin for application discovery, troubleshooting, logging, automation, analysis, and day-to-day network operations.

The most serious vulnerability (CVE-2023-34039), rated 9.8 (critical) on the Common Vulnerability Scoring System (CVSS version 3), is an authentication bypass bug.

In its advisory, VMware said the vulnerability involves “a lack of unique cryptographic key generation”.

An attacker “could bypass SSH authentication to gain access to the Aria Operations for Networks CLI,” the advisory stated.

Discovered by Rahul Maini of ProjectDiscovery Research, the bug affects Aria Operations for Networks collectors.
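The root cause VMware cites, a lack of unique key generation, is the kind of defect a fleet audit can surface: if several appliances carry the same SSH key, their fingerprints collide. The following Python script is an added example (not code from VMware, ProjectDiscovery, or the article) that computes OpenSSH-style SHA256 fingerprints for the public keys found on each host and reports any key shared by more than one host. The inventory, the host names and the key blobs are constructed for the demonstration; which key the product actually failed to make unique is not stated on the page and is not assumed here.

```python
import base64
import hashlib
from collections import defaultdict


def ssh_fingerprint(pubkey_line: str) -> str:
    """Return the OpenSSH-style fingerprint ("SHA256:<base64 without padding>")
    of one public key line in authorized_keys / *.pub format."""
    parts = pubkey_line.split()
    if len(parts) < 2:
        raise ValueError("not an OpenSSH public key line: %r" % pubkey_line)
    blob = base64.b64decode(parts[1])          # the wire-format key blob
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def find_shared_keys(inventory: dict) -> dict:
    """Map fingerprint -> sorted list of hosts, keeping only fingerprints that
    appear on more than one host. `inventory` maps host name -> list of key lines
    (e.g. the contents of each host's authorized_keys or host key .pub files)."""
    hosts_by_fp = defaultdict(list)
    for host, lines in inventory.items():
        for line in lines:
            line = line.strip()
            if not line or line.startswith("#"):
                continue                        # skip blanks and comments
            hosts_by_fp[ssh_fingerprint(line)].append(host)
    return {fp: sorted(hosts) for fp, hosts in hosts_by_fp.items() if len(hosts) > 1}


def _constructed_blob(label: str) -> str:
    """Build a syntactically plausible ed25519 key blob from a label.
    CONSTRUCTED sample data only: these are not real keys."""
    key_type = b"ssh-ed25519"
    fake_point = hashlib.sha256(label.encode()).digest()   # 32 bytes, like a real point
    blob = (len(key_type).to_bytes(4, "big") + key_type
            + len(fake_point).to_bytes(4, "big") + fake_point)
    return base64.b64encode(blob).decode()


# Constructed inventory: two collectors carry the same key, one has its own.
SAMPLE_INVENTORY = {
    "collector-a": ["ssh-ed25519 " + _constructed_blob("shared-key") + " support@vendor"],
    "collector-b": ["# managed key", "ssh-ed25519 " + _constructed_blob("shared-key") + " support@vendor"],
    "collector-c": ["ssh-ed25519 " + _constructed_blob("unique-key-c") + " ops@example"],
}


if __name__ == "__main__":
    for fp, hosts in find_shared_keys(SAMPLE_INVENTORY).items():
        print("key %s is present on %d hosts: %s" % (fp, len(hosts), ", ".join(hosts)))
```

In practice the inventory would be collected with a configuration-management run or `ssh-keyscan` output; any fingerprint that turns up on more than one appliance is a candidate for rotation, whatever its origin.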

The other bug, CVE-2023-20890, is an arbitrary file write vulnerability with a CVSS score of 7.2.

“An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution”, VMware said.
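An arbitrary file write of this kind usually comes down to a destination path that is assembled from user-controlled input without being confined to the intended directory. The following Python snippet is an added example (not VMware's code, and the page does not describe how VMware fixed CVE-2023-20890) showing the confinement check such an upload handler needs: the unsafe join beside a hardened version that resolves the final path and rejects anything that escapes the upload root. The directory names and file names are constructed for the demonstration.

```python
import os
import tempfile


def unsafe_destination(upload_root: str, client_name: str) -> str:
    """The defective pattern: trusts the client-supplied name, so '../' segments
    or an absolute path land the file outside upload_root."""
    return os.path.join(upload_root, client_name)


def safe_destination(upload_root: str, client_name: str) -> str:
    """Hardened version: resolve symlinks and '..' in both the root and the
    candidate path, then require the candidate to remain inside the root.
    Raises ValueError for any name that would escape or target the root itself."""
    root = os.path.realpath(upload_root)
    # Only the final path component is used; directories supplied by the client are ignored.
    name = os.path.basename(client_name)
    if not name or name in (".", ".."):
        raise ValueError("empty or invalid file name")
    candidate = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, candidate]) != root or candidate == root:
        raise ValueError("destination escapes the upload directory")
    return candidate


def is_confined(upload_root: str, path: str) -> bool:
    """True if `path` (already resolved) lies strictly inside upload_root."""
    root = os.path.realpath(upload_root)
    return os.path.commonpath([root, path]) == root and path != root


if __name__ == "__main__":
    root = tempfile.mkdtemp()                          # constructed upload directory
    for name in ["report.csv", "../../etc/passwd", "/tmp/evil"]:
        print("unsafe:", unsafe_destination(root, name))
        try:
            print("safe:  ", safe_destination(root, name))
        except ValueError as exc:
            print("safe:   rejected %r (%s)" % (name, exc))
```

The important difference is that `safe_destination` reasons about the resolved path, not the raw string, so encoded or symlinked forms of the same escape are caught as well; a check that only searches the input for `..` is not enough.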

Back in 2021, Aria Operations for Networks was patched against a command injection vulnerability that could be chained with an RPC interface protection bug, leading to remote code execution.
