Dell Compellent Hardcoded Key Exposes Vmware vCenter Admin Credentials
The flaw, tracked as CVE-2023-39250, is caused by a static AES encryption key, shared across all installs, that is used to encrypt the vCenter credentials stored in the program’s configuration file.