CVE-2016-7456

CRITICAL

Vmware Vsphere Data Protection - Credentials Management

Title source: rule

Description

VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session.

Exploits (1)

metasploit WORKING POC EXCELLENT

by phroxvs · rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/vmware_vdp_known_privkey.rb

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94990

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1037502

[Vendor Advisory] http://www.vmware.com/security/advisories/VMSA-2016-0024.html

Scores

CVSS v3 9.8

EPSS 0.8212

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-255

Status published

Products (22)

vmware/vsphere_data_protection 5.5.1

vmware/vsphere_data_protection 5.5.5

vmware/vsphere_data_protection 5.5.6

vmware/vsphere_data_protection 5.5.7

vmware/vsphere_data_protection 5.5.8

vmware/vsphere_data_protection 5.5.9

vmware/vsphere_data_protection 5.5.10

vmware/vsphere_data_protection 5.5.11

vmware/vsphere_data_protection 5.8.0

vmware/vsphere_data_protection 5.8.1

... and 12 more

Published Dec 29, 2016

Tracked Since Feb 18, 2026