Harsh Jaiswal (@rootxharsh) - Security Researcher

CVE-2023-34039 NOMISEC CRITICAL WORKING POC

VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.

96 stars

CVSS 9.8

View Code

CVE-2023-34039 NOMISEC CRITICAL WORKING POC

VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.

1 stars

CVSS 9.8

View Code

CVE-2023-34039 METASPLOIT CRITICAL ruby WORKING POC

VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.

CVSS 9.8

View Code