PT-2016-6369 · Vmware · Vmware Photos Os Ova

Published

2016-08-31

Updated

2017-08-16

CVE-2016-5333

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VMware Photos OS OVA version 1.0 before 2016-08-14

Description The issue allows remote attackers to obtain SSH access by leveraging knowledge of the private key, due to a default SSH public key in an authorized keys file.

Recommendations For VMware Photos OS OVA version 1.0 before 2016-08-14, update to a version released after 2016-08-14 to replace the default SSH public key in the authorized keys file.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2016-5333

Affected Products

Vmware Photos Os Ova

PT-2016-6369 · Vmware · Vmware Photos Os Ova

CVE-2016-5333

Weakness Enumeration

Related Identifiers

Affected Products

References · 6