CVE-2016-7456
CVE-2016-7456
Vexday Risk Score
30Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 32.8%KEV nãoPoC —Nuclei —Metasploit simPatch —
Lifecycle
20 Dec 2016Metasploit module available
29 Dec 2016Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session.
Affected products
n/a · n/a