Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2016-5332 |
CWE-ID | CWE-798 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
VMware Photon OS OVA Operating systems & Components / Operating system |
Vendor | VMware, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU323
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-5332
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to the system.
The vulnerability exists due to usage of default public SSH key in all versions of Photon OS 1.0 OVAs, downloaded before August 14, 2016. A remote attacker with the corresponding private SSH key can gain access to vulnerable system using default SSH keys.
Successful exploitation of this vulnerability will allow an attacker to gain unauthorized access to vulnerable system.
MitigationDownload a new version of Photon OS 1.0 OVA, released after August 14, 2016.
Users that have downloaded the PhotonOS 1.0 OVAs before August 14, 2016 should take either of the following procedures to ensure the security of their systems:
rm –f /root/.ssh/authorized_keys
sed –i '/photon-jenkins/d' /root/.ssh/authorized_keys
VMware Photon OS OVA: 1.0
External linkshttp://github.com/vmware/photon/blob/master/CHANGELOG.md
http://www.vmware.com/security/advisories/VMSA-2016-0012.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.