VMWare Aria Operations For Networks SSH Private Key Exposure

VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user.

access aria aria operations for networks attacker exposure insight key keys machine network networks operations private private key remote access root ssh ssh keys support the key virtual virtual machine vmware vmware aria operations for networks vrealize