CVE-2023-34039 | Arctic Wolf

Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks: CVE-2023-34039

VMware disclosed a critical authentication bypass vulnerability (CVE-2023-34039) that could result in a threat actor gaining access to the Aria Operations for Networks CLI. Find Arctic Wolf’s recommendations for remediation.

31 August, 2023
by Steven Campbell

On Tuesday 29 August 2023, VMware disclosed a critical authentication bypass vulnerability (CVE-2023-34039) in VMware Aria Operations for Networks�Cformerly known as vRealize Network Insight�Cthat could result in a threat actor gaining access to the Aria Operations for Networks CLI by bypassing SSH authentication. ?

The vulnerability was responsibly disclosed to VMware and has not been actively exploited in campaigns. Furthermore, we have not identified a public proof of concept (PoC) exploit for CVE-2023-34039. However, threat actors have historically leveraged a VMware Aria Operations for Networks command injection vulnerability () to obtain remote code execution, according to CISA��s Known Exploited Vulnerabilities Catalog. ?

In addition to CVE-2023-34039, VMware disclosed one other vulnerability that impacts the same VMware Aria Operations for Networks version. ?

CVE-2023-20890 (CVSS 7.2): Arbitrary File Write Vulnerability?

VMware Aria Operations for Network?
Affected Versions?	Fixed Version?
6.x?	6.11 ()?
6.2.0?	Build number:??
6.3.0?	Build number:??
6.4.0?	Build number:??
6.5.1?	Build number:??
6.6.0?	Build number:??
6.7.0?	Build number:??
6.8.0?	Build number:??
6.9.0?	Build number:??
6.10.0?	Build number: ?

CVE-2023-34039 Recommendation: Upgrade VMware Aria Operations for Networks to 6.11 or a Fixed Build Number?

Arctic Wolf strongly recommends upgrading VMware Aria Operations for Networks to 6.11 or a fixed build number to prevent potential exploitation. ?

The upgrade package can be found in VMware��s Customer Connect portal here: ?

Please follow your organisations patching and testing guidelines to avoid operational impact.?

? 2026 ��. All Rights Reserved.
Privacy Notice	Terms of Use	Cookie Policy	Customer Portal Policy	Accessibility Statement	Sustainability Statement	Information Security	Cookies Settings

��

��

Concierge

Journey

Reduce Attack Frequency

Reduce Attack Severity

Transfer Risk

Get Started

Why Arctic Wolf

Expertise by Topic

Expertise by Industry

Resource Centre

Trending Resources

NIS2 aims to make the EU as a whole more resilient to cyber threats and strengthen cooperation between Member States on cybersecurity.

The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.

The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.

Security Bulletins

Microsoft Patch Tuesday: April 2026?

CVE-2026-35616: Fortinet Releases Hotfix for Critical Exploited Vulnerability in FortiClient EMS

CVE-2026-2699 & CVE-2026-2701: Progress ShareFile Storage Zones Controller Pre-Auth RCE Chain

Company

Careers

Press

Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks: CVE-2023-34039

CVE-2023-34039 Recommendation: Upgrade VMware Aria Operations for Networks to 6.11 or a Fixed Build Number?

References?

Popular Topics

Share this post:

What to read next

Earl Grey House
77 Grey St. 3rd Floor
Newcastle upon Tyne
NE1?6EF
UK

? 2026 ��. All Rights Reserved.

Privacy Notice

Terms of Use

Cookie Policy

Customer Portal Policy

Accessibility Statement

Sustainability Statement

Information Security

Cookies Settings

������

Concierge

Journey

Reduce Attack Frequency

Reduce Attack Severity

Transfer Risk

Get Started

Why Arctic Wolf

Expertise by Topic

Expertise by Industry

Resource Centre

Trending Resources

NIS2 aims to make the EU as a whole more resilient to cyber threats and strengthen cooperation between Member States on cybersecurity.

The Arctic Wolf State of Cybersecurity: 2025 Trends Report serves as an opportunity for decision makers to share their experiences over the past 12 months and their perspectives on some of the most important issues shaping the IT and security landscape.

The Arctic Wolf Threat Report draws upon the first-hand experience of our security experts, augmented by research from our threat intelligence team.

Security Bulletins

Microsoft Patch Tuesday: April 2026?

CVE-2026-35616: Fortinet Releases Hotfix for Critical Exploited Vulnerability in FortiClient EMS

CVE-2026-2699 & CVE-2026-2701: Progress ShareFile Storage Zones Controller Pre-Auth RCE Chain

Company

Careers

Press

Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks: CVE-2023-34039

CVE-2023-34039 Recommendation: Upgrade VMware Aria Operations for Networks to 6.11 or a Fixed Build Number?

References?

Popular Topics

Share this post:

What to read next

6 min read

Microsoft Patch Tuesday: April 2026

6 min read

Project Glasswing Marks a Turning Point for Cybersecurity

5 min read

Building Cyber Resilience with Arctic Wolf: A Practical Approach for Security Leaders

2 min read

CVE-2026-35616: Fortinet Releases Hotfix for Critical Exploited Vulnerability in FortiClient EMS

Earl Grey House 77 Grey St. 3rd Floor Newcastle upon TyneNE1?6EF UK

? 2026 ������. All Rights Reserved.

��

Earl Grey House
77 Grey St. 3rd Floor
Newcastle upon Tyne
NE1?6EF
UK

? 2026 ��. All Rights Reserved.