VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
[
{
"product": "vSphere Data Protection (VDP)",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.1.x"
},
{
"status": "affected",
"version": "6.0.x"
},
{
"status": "affected",
"version": "5.8.x"
},
{
"status": "affected",
"version": "5.5.x"
}
]
}
]