Lucene search
VMwareVMSA-2016-0024HistoryDec 20, 2016 - 12:00 a.m.
vSphere Data Protection (VDP) updates address SSH Key-Based authentication issue
2016-12-2000:00:00
www.vmware.com
406
0.083 Low
EPSS
Percentile
94.4%
**VDP SSH key-based authentication issue **
VDP contains a private SSH key with a known password that is configured to allow key-based authentication. Exploitation of this issue may allow an unauthorized remote attacker to log into the appliance with root privileges.
VMware would like to thank Marc StrΓΆbel aka phroxvs from HvS-Consulting for reporting this issue to VMware.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-7456 to this issue.
Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
Related
openvas
openvas
packetstorm
packetstorm
VMware VDP Known SSH Key
2017-08-22 00:00:00
vmware
vmware
cve
cve
CVE-2016-7456
2016-12-29 09:59:00
zdt
zdt
VMware VDP Known SSH Key Exploit
2017-08-22 00:00:00
nvd
nvd
CVE-2016-7456
2016-12-29 09:59:00
nessus
nessus
prion
prion
Design/Logic Flaw
2016-12-29 09:59:00
cvelist
cvelist
CVE-2016-7456
2016-12-29 09:02:00