VMware patches Aria SSH bypass bug – Security

VMware is warning Aria Operations for Networks users they need to patch against a number of security vulnerabilities, including one that lets an attacker bypass SSH authentication.

Aria Operations for Networks, formerly vRealize Network Insight, is a network and application monitoring tool that provides a cross-cloud digital twin for application discovery, troubleshooting, logging, automation, analysis, and day-to-day network operations.

The most serious vulnerability (CVE-2023-34039), rated 9.8 (critical) on the Common Vulnerability Scoring System (CVSS version 3), is an authentication bypass bug.

In its advisory, VMware said the vulnerability involves “a lack of unique cryptographic key generation”.

An attacker “could bypass SSH authentication to gain access to the Aria Operations for Networks CLI,” the advisory stated.

Discovered by Rahul Maini of ProjectDiscovery Research, the bug affects Aria Operations for Networks collectors.
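The advisory attributes the bypass to “a lack of unique cryptographic key generation”, which is a symptom a defender can check for directly: if several appliances trust the same public key, that key was baked into the image rather than generated per host. The script below is an added example, not VMware’s code or part of the advisory; it assumes you have already collected each appliance’s `authorized_keys` contents (here constructed inline) and flags every key fingerprint trusted by more than one host.

```python
import base64
import hashlib
import struct
from collections import defaultdict

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384"}

def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 big-endian length + payload)."""
    return struct.pack(">I", len(data)) + data

def make_ed25519_blob(raw_pubkey: bytes) -> str:
    """Base64 blob of an ssh-ed25519 public key built from 32 raw key bytes (constructed test data)."""
    return base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(raw_pubkey)).decode()

def fingerprint(b64_blob: str) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of the SHA-256 of the decoded blob."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text: str) -> list:
    """Return (key_type, fingerprint, comment) per key line; blank lines, comments and options are skipped."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        idx = next((i for i, f in enumerate(fields) if f in KEY_TYPES), None)
        if idx is None or idx + 1 >= len(fields):
            continue  # malformed line: no key type followed by a blob
        entries.append((fields[idx], fingerprint(fields[idx + 1]), " ".join(fields[idx + 2:])))
    return entries

def find_shared_keys(fleet: dict) -> dict:
    """Map each fingerprint trusted by more than one host to the sorted list of hosts trusting it."""
    hosts_by_fp = defaultdict(set)
    for host, authorized_keys in fleet.items():
        for _, fp, _ in parse_authorized_keys(authorized_keys):
            hosts_by_fp[fp].add(host)
    return {fp: sorted(hosts) for fp, hosts in hosts_by_fp.items() if len(hosts) > 1}

# Constructed sample: three appliances, two of which still carry the same image-baked key.
BAKED_KEY = make_ed25519_blob(b"\x01" * 32)
UNIQUE_B = make_ed25519_blob(b"\x02" * 32)
UNIQUE_C = make_ed25519_blob(b"\x03" * 32)
SAMPLE_FLEET = {
    "collector-a": f"# support access\nssh-ed25519 {BAKED_KEY} support@image\n",
    "collector-b": f"ssh-ed25519 {BAKED_KEY} support@image\nssh-ed25519 {UNIQUE_B} admin@b\n",
    "collector-c": f"ssh-ed25519 {UNIQUE_C} admin@c\n",
}
```

Run against real collected files, any fingerprint reported here is a key to rotate or remove once the patch is applied, since the patch alone does not revoke trust already granted to a shared key.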

The other bug, CVE-2023-20890, is an arbitrary file write vulnerability with a CVSS score of 7.2.

“An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution”, VMware said.

Back in 2021, Aria Operations for Networks was patched against a command injection vulnerability that could be chained with an RPC interface protection bug, leading to remote code execution.
