VYPR

Photon OS

by VMware

CVEs (2)

  • CVE-2016-5333CriAug 31, 2016
    risk 0.64cvss 9.8epss 0.03

    VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.

  • CVE-2021-22055Apr 11, 2022
    risk 0.00cvss epss 0.01

    The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.