Lucene search

Vsphere Data Protection Security Vulnerabilities - CVSS Score 9 - 10

cve

CVE-2016-7456

VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session.

9.8CVSS

9.1AI Score

0.083EPSS

2016-12-29 09:59 AM

cve

CVE-2017-4914

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.

9.8CVSS

9.5AI Score

0.07EPSS

2017-06-07 05:29 PM

cve

CVE-2017-4917

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.

9.8CVSS

9.2AI Score

0.005EPSS

2017-06-07 05:29 PM

cve

CVE-2018-11066

Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could po...

9.8CVSS

9.8AI Score

0.017EPSS

2018-11-26 08:29 PM