VMware Cloud Director is impacted by the following vulnerabilities:
CVE-2024-6387: An unauthenticated, remote code execution vulnerability found in the OpenSSH server (sshd). This is due to a signal handler race condition that can be triggered when a client fails to authenticate within the LoginGraceTime. It affects OpenSSH server versions starting with 8.5p1 up to, but not including, 9.8p1.
CVE-2024-39894
CVE-2025-26465
VMware Cloud Director (VCD) 10.x
The underlying Photon OS used by VMware Cloud Director contains vulnerable versions of the OpenSSH server component, leading to the security issues identified by the CVEs.
To resolve these security vulnerabilities, you must upgrade your VMware Cloud Director instance to the version that includes the patched Photon OS:
Upgrade to VMware Cloud Director 10.6.1.2 patch release.
This patch updates the underlying Photon OS to a version that includes a corrected OpenSSH component, thereby addressing the vulnerabilities.
OpenSSH Version Check: You can verify the installed OpenSSH version on your VCD appliance using the command:
rpm -qa | grep -i openssh
If OpenSSH 8.9p1-8.ph4 or a later version is installed, no further action related to these specific CVEs is needed.
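The version check above compares a Photon OS package version, not the upstream OpenSSH version: 8.9p1 falls inside the upstream affected range for CVE-2024-6387 (8.5p1 up to 9.8p1), yet 8.9p1-8.ph4 is fixed because the correction was backported into the package release. The following script is an added example, not part of this KB and not VMware or Broadcom tooling; it parses constructed sample lines in the assumed Photon RPM naming scheme `<name>-<version>-<release>.ph<N>.<arch>`, compares each package against the fixed version stated above, and shows why an upstream range check alone would misreport a patched appliance.

```python
import re

# Fixed package version stated in the KB for the Photon OS 4 openssh packages.
FIXED_PACKAGE = "8.9p1-8.ph4"

# Constructed sample of `rpm -qa | grep -i openssh` output from an unpatched
# appliance; these lines are made up for this example, not captured from a host.
SAMPLE_RPM_OUTPUT = """\
openssh-8.9p1-7.ph4.x86_64
openssh-clients-8.9p1-7.ph4.x86_64
openssh-server-8.9p1-7.ph4.x86_64
"""

# Assumed Photon RPM naming: <name>-<upstream version>-<release>.ph<N>[.<arch>]
PKG_RE = re.compile(
    r"^(?P<name>openssh(?:-[a-z]+)*)-"
    r"(?P<version>\d+\.\d+p\d+)-"
    r"(?P<release>\d+)\.(?P<dist>ph\d+)"
    r"(?:\.(?P<arch>[A-Za-z0-9_]+))?$"
)


def parse_version(version):
    """'8.9p1' -> (8, 9, 1) so OpenSSH versions compare numerically, not as strings."""
    m = re.fullmatch(r"(\d+)\.(\d+)p(\d+)", version)
    if m is None:
        raise ValueError(f"unrecognised OpenSSH version string: {version!r}")
    return tuple(int(x) for x in m.groups())


def split_package(pkg):
    """'8.9p1-8.ph4' -> ((8, 9, 1), 8, 'ph4')."""
    version, release_dist = pkg.split("-", 1)
    release, dist = release_dist.split(".", 1)
    return parse_version(version), int(release), dist


def in_upstream_affected_range(version):
    """CVE-2024-6387 upstream affected range as stated in the KB: 8.5p1 <= v < 9.8p1."""
    v = parse_version(version)
    return parse_version("8.5p1") <= v < parse_version("9.8p1")


def assess_package(line, fixed_package=FIXED_PACKAGE):
    """Classify one `rpm -qa` line as patched, vulnerable, or unknown-dist.

    Returns (package name, upstream version, verdict), or None for lines that
    are not openssh packages in the assumed naming scheme.
    """
    m = PKG_RE.match(line.strip())
    if m is None:
        return None
    fixed_version, fixed_release, fixed_dist = split_package(fixed_package)
    installed = (parse_version(m["version"]), int(m["release"]))
    if m["dist"] != fixed_dist:
        # A different Photon release carries its own fixed package version;
        # the threshold from this KB cannot be applied to it.
        verdict = "unknown-dist"
    elif installed >= (fixed_version, fixed_release):
        verdict = "patched"
    else:
        verdict = "vulnerable"
    return m["name"], m["version"], verdict


def assess_output(rpm_output, fixed_package=FIXED_PACKAGE):
    """Map every openssh package in the rpm output to its verdict."""
    results = {}
    for line in rpm_output.splitlines():
        r = assess_package(line, fixed_package)
        if r is not None:
            name, _version, verdict = r
            results[name] = verdict
    return results


if __name__ == "__main__":
    for name, verdict in assess_output(SAMPLE_RPM_OUTPUT).items():
        print(f"{name}: {verdict}")
    # 8.9p1 is inside the upstream affected range, yet 8.9p1-8.ph4 is fixed by a
    # vendor backport; that is why the package release number must be compared too.
    print("8.9p1 in upstream CVE-2024-6387 range:", in_upstream_affected_range("8.9p1"))
```

Run it on the appliance by replacing SAMPLE_RPM_OUTPUT with the real output of `rpm -qa | grep -i openssh`; a verdict of unknown-dist means the host is on a different Photon release than the one this KB's threshold describes, and the fixed version for that release must be taken from its own advisory.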