Vmware: >> Vsphere Data Protection >> 5.5.9 Security Vulnerabilities
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.
CVSS Score
9.8
EPSS Score
0.088
Published
2017-06-07
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
CVSS Score
9.8
EPSS Score
0.006
Published
2017-06-07
VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session.
CVSS Score
9.8
EPSS Score
0.328
Published
2016-12-29