CVE-2016-5333

VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.
Configurations

Configuration 1 (hide)

cpe:2.3:o:vmware:photon_os:*:2016-08-14:*:*:*:*:*:*

History

21 Nov 2024, 02:54

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/92474 - () http://www.securityfocus.com/bid/92474 -
References () http://www.securitytracker.com/id/1036628 - () http://www.securitytracker.com/id/1036628 -
References () http://www.theregister.co.uk/2016/08/16/vmware_shipped_public_key_with_its_photon_osforcontainers/ - Press/Media Coverage () http://www.theregister.co.uk/2016/08/16/vmware_shipped_public_key_with_its_photon_osforcontainers/ - Press/Media Coverage
References () http://www.vmware.com/security/advisories/VMSA-2016-0012.html - Vendor Advisory () http://www.vmware.com/security/advisories/VMSA-2016-0012.html - Vendor Advisory

Information

Published : 2016-08-31 01:59

Updated : 2024-11-21 02:54


NVD link : CVE-2016-5333

Mitre link : CVE-2016-5333

CVE.ORG link : CVE-2016-5333


JSON object : View

Products Affected

vmware

  • photon_os
CWE
CWE-798

Use of Hard-coded Credentials