CVE-2014-4624
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x up to 7.0.2-43 expose MCUser and GSAN passwords via Java API calls without authentication (remote information disclosure). VMware vSphere Data Protection (VDP) 5.x also vulnerable via Java API access to retrieve credential...