Vulnerabilities (CVE)

Filtered by vendor Vmware
Filtered by product Photon Os
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-34060 1 Vmware 2 Cloud Director, Photon Os 2024-11-21 N/A 9.8 CRITICAL
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console). This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present. VMware Cloud Director Appliance is impacted since it uses an affected version of sssd from the underlying Photon OS. The sssd issue is no longer present in versions of Photon OS that ship with sssd-2.8.1-11 or higher (Photon OS 3) or sssd-2.8.2-9 or higher (Photon OS 4 and 5).
CVE-2022-22942 1 Vmware 1 Photon Os 2024-11-21 N/A 7.8 HIGH
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
CVE-2021-22055 1 Vmware 1 Photon Os 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The SchedulerServer in VMware Photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.
CVE-2020-3956 2 Linux, Vmware 3 Linux Kernel, Photon Os, Vcloud Director 2024-11-21 6.5 MEDIUM 8.8 HIGH
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access.
CVE-2020-10713 4 Debian, Gnu, Opensuse and 1 more 4 Debian Linux, Grub2, Leap and 1 more 2024-11-21 4.6 MEDIUM 8.2 HIGH
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper with the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2016-5333 1 Vmware 1 Photon Os 2024-11-21 9.3 HIGH 9.8 CRITICAL
VMware Photon OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.