CVE-2016-5333

CVE Database · CVE-2016-5333

CVE-2016-5333

· N/AModified

CVSS v3.1

N/A

EPSS

2.51%

Published

Aug 30, 2016

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.

Weaknesses (CWE)

CWE-798

Affected Products (1)

vmware · photon_osvulnerable

References (8)

http://www.securityfocus.com/bid/92474

http://www.securitytracker.com/id/1036628

http://www.theregister.co.uk/2016/08/16/vmware_shipped_public_key_with_its_photon_osforcontainers/

Press/Media Coverage

http://www.vmware.com/security/advisories/VMSA-2016-0012.html

Vendor Advisory