module
VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
Disclosed | Created |
---|---|
2023-08-29 | 2023-10-24 |
Disclosed
2023-08-29
Created
2023-10-24
Description
VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0
do not randomize the SSH keys on virtual machine initialization. Since the key is easily
retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user.
do not randomize the SSH keys on virtual machine initialization. Since the key is easily
retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user.
Authors
h00die
SinSinology
Harsh Jaiswal ( Harsh Jaiswal (@rootxharsh)
Rahul Maini ( Rahul Maini (@iamnoooob)
SinSinology
Harsh Jaiswal ( Harsh Jaiswal (@rootxharsh)
Rahul Maini ( Rahul Maini (@iamnoooob)
Platform
Unix
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.