Authentication Bypass Vulnerability in Aria Operations for Networks: Exploiting Weak Cryptographic Key Generation

Authentication Bypass Vulnerability in Aria Operations for Networks: Exploiting Weak Cryptographic Key Generation

CVE-2023-34039 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.

Learn more about our Network Penetration Testing.