Showing posts with the label VMware

PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability

Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been described as a case of authentication bypass due to a lack of unique cryptographic key generation. "A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI," VMware said earlier this week. Summoning Team's Sina Kheirkhah, who published the PoC following an analysis of the patch released by VMware, said the root cause can be traced back to a bash script containing a method named refresh_ssh_keys(), which is responsible for overwriting the current SSH keys for the support and ubuntu users in the authorized_keys file. "There is SSH authentication in place; however, VMware forgot to r

Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks

VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could be potentially exploited to bypass authentication and gain remote code execution. The most severe of the flaws is CVE-2023-34039 (CVSS score: 9.8), which relates to a case of authentication bypass arising as a result of a lack of unique cryptographic key generation. "A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI," the company said in an advisory. ProjectDiscovery researchers Harsh Jaiswal and Rahul Maini have been credited with discovering and reporting the issue. The second weakness, CVE-2023-20890 (CVSS score: 7.2), is an arbitrary file write vulnerability impacting Aria Operations for Networks that could be abused by an adversary with administrative access to write files to arbitrary locations and achieve remote code execution. Credited with re

vSphere DR and Migration Improvements

Since introducing the support for dedicated vSphere clouds as a replication destination, we have extended the list of available features with every new release. This one is no exception and brings several significant improvements: Recovery Plans to define the failover order of the replicated VMs the same way it is done for VMware Cloud Director clouds; bandwidth throttling to enforce traffic limits on a specific network interface of the Tunnel appliance; and a public API, which was missing before. In VMware Cloud Director Availability 4.3.1, we enabled migrating templates from one catalog to another in the same or a remote VMware Cloud Director cloud. In 4.6, we enhanced that feature to check for template changes and perform an automated migration if a modification is detected. It can result in overwriting the existing template at the destination catalog or creating a newer version. Along with all mentioned, we have also improved product management and operability. For clouds running VMwar

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

A new ransomware-as-a-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on ESXi, cybersecurity firm CrowdStrike said in a report shared with The Hacker News. "This trend is especially noteworthy given the fact that ESXi, by design, does not support third-party agents or AV software," the company said. "In fact, VMware goes as far as to claim it's not required. This, combined with the popularity of ESXi as a widespread and popular virtualization and management system, makes the hypervisor a highly attractive target for modern adversaries." The targeting of VMware ESXi hypervisors with ransomware to scale such campaigns is a technique known as hypervisor jack

Advantages of Multiple vCenter Deployments with the vSphere Container Storage Plugin

Improved availability. In a multi-zone deployment topology, if an availability zone fails, the failure affects volume life cycle operations in only that particular availability zone. Subsequently, it’s crucial to spread the Kubernetes cluster across multiple vCenter servers to improve its availability. By doing so, you can ensure that the cluster remains functional even if one of the vCenter servers fails.
Improved performance. In a K8s deployment stretched across multiple vCenter Server instances, vSphere Container Storage Plug-in has more vCenter Server systems available for performing volume operations. As a result, the volume operation throughput increases.
Improved scale. A single vCenter Server instance supports a maximum of 10k CNS block volumes. In a K8s deployment stretched across multiple vCenter Server instances, vSphere Container Storage Plug-in is able to support 10k CNS block volumes per vCenter Server. In an environment where a K8s cluster utilizes a single vCenter,

VMware Aria

Today, more and more of our customers are delivering applications across public clouds and at the edge, and they’re increasingly using Kubernetes to manage and scale their modernized and cloud-native apps. To be the preferred multi-cloud management partner for our customers, we need to solve the challenges they face managing overall cloud spend, resource utilization, and application performance, security, and compliance across any cloud. VMware Aria enables us to do just that. Powering VMware Aria is VMware Aria Graph, an exciting new cloud-scale data store technology that captures and maps the complexity of our customers’ multi-cloud environments – applications, users, configurations, and associated dependencies – in a single view. The innovative Aria Graph technology anchors all our core management solutions, namely, Aria Cost, Aria Operations, and Aria Automation. In addition, it powers a set of end-to-end multi-cloud management solutions for cloud governance (Aria Guardrails),