module
VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
| Disclosed |
|---|
| Aug 29, 2023 |
Disclosed
Aug 29, 2023
Description
VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0
do not randomize the SSH keys on virtual machine initialization. Since the key is easily
retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user.
do not randomize the SSH keys on virtual machine initialization. Since the key is easily
retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.