Lucene search
K

35 matches found

CISA
CISA
added 2017/06/07 12:0 a.m.8 views

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in vSphere Data Protection. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2017-0010 and...

6.9AI score
Exploits0References1
OpenVAS
OpenVAS
added 2017/04/11 12:0 a.m.38 views

VMware vSphere Data Protection (VDP) Man-in-the-Middle Attack Vulnerability

VMware vSphere Data Protection VDP is prone to a man in the middle attack vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.2AI score0.0062EPSS
Exploits0References3
OSV
OSV
added 2016/12/29 9:59 a.m.5 views

CVE-2016-7456

VMware vSphere Data Protection VDP 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session...

9.8CVSS5.8AI score0.32789EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2016/12/28 12:0 a.m.24 views

vSphere Data Protection Detection

This script performs SSH based detection of vSphere Data Protection SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2016/12/28 12:0 a.m.55 views

VMware vSphere Data Protection (VDP) updates address SSH Key-Based authentication issue (VMSA-2016-0024, dpnid) - Active Check

VMware vSphere Data Protection VDP updates address SSH key-based authentication issue. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS8.6AI score0.32789EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2016/12/28 12:0 a.m.55 views

VMware vSphere Data Protection (VDP) updates address SSH Key-Based authentication issue (VMSA-2016-0024, admin_key) - Active Check

VMware vSphere Data Protection VDP updates address SSH key-based authentication issue. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

10CVSS8.6AI score0.32789EPSS
Exploits3References1
CNVD
CNVD
added 2016/12/22 12:0 a.m.9 views

VMware vSphere Data Protection Authentication Bypass Vulnerability

VMware vSphere Data Protection VDP is a disk-based backup and recovery solution from VMware. Integrated with VMware vCenter Server, the server and virtualization management software, the solution can be used to centrally manage backup jobs while storing backup files in deduplicated target storage...

10CVSS7.1AI score0.32789EPSS
Exploits3References1
VMware
VMware
added 2016/12/20 12:0 a.m.40 views

vSphere Data Protection (VDP) update addresses SSH key-based authentication issue

VDP SSH key-based authentication issue VDP contains a private SSH key with a known password that is configured to allow key-based authentication. Exploitation of this issue may allow an unauthorized remote attacker to log into the appliance with root privileges. VMware would like to thank Marc...

10CVSS3.2AI score0.32789EPSS
Exploits3References1Affected Software1
VMware
VMware
added 2016/12/18 12:0 a.m.435 views

VMSA-2016-0024:vSphere Data Protection (VDP) update addresses SSH key-based authentication issue

VMSA-2016-0024.1 vSphere Data Protection VDP updates address SSH Key-Based authentication issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0024.1 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: vSphere Data Protection VDP updates addres...

10CVSS9.9AI score0.32789EPSS
Exploits3References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/02/12 12:0 a.m.20 views

VMware vSphere Data Protection Certificate Validation (VMSA-2015-0002)

The version of VMware vSphere Data Protection installed on the remote host is 5.1.x / 5.5.x prior to 5.5.9, or 5.8.x prior to 5.8.1. It is, therefore, affected by a certificate validation vulnerability that allows man-in-the-middle MitM attacks. C Tenable Network Security, Inc. include"compat.inc...

4.3CVSS5.5AI score0.0062EPSS
Exploits0References3
securityvulns
securityvulns
added 2015/02/02 12:0 a.m.60 views

NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2015-0002 Synopsis: VMware vSphere Data Protection product update addresses a certificate validation vulnerability. Issue date:...

4.3CVSS6.2AI score0.0062EPSS
Exploits0
CNVD
CNVD
added 2015/02/02 12:0 a.m.4 views

VMware vSphere Data Protection Certificate Validation Security Bypass Vulnerability

VMWare is a "virtual PC" software that allows you to run two or more Windows, DOS, or Linux systems on a single machine at the same time. A validation security bypass vulnerability exists in the VMware vSphere data protection certificate, which can be exploited by an attacker to perform a...

4.3CVSS6.8AI score0.0062EPSS
Exploits0References1
Prion
Prion
added 2015/02/01 2:59 a.m.20 views

Design/Logic Flaw

VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...

4.3CVSS6.6AI score0.0062EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2015/02/01 2:59 a.m.20 views

CVE-2014-4632

VMware vSphere Data Protection VDP 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store ADS and Avamar Virtual Edition AVE 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoo...

4.3CVSS6.2AI score0.0062EPSS
Exploits0References4
VMware
VMware
added 2014/10/20 12:0 a.m.69 views

VMSA-2014-0011:VMware vSphere Data Protection product update addresses a CRITICAL information disclosure vulnerability.

VMSA-2014-0011 VMware vSphere Data Protection product update addresses a critical information disclosure vulnerability. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0011 VMware Security Advisory Synopsis: VMware vSphere Data Protection product update addresses a critic...

5CVSS6.5AI score0.03337EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder