vSphere Data Protection (VDP) updates address multiple security issues.

ID VMSA-2018-0029
Type vmware
Reporter VMware
Modified 2018-11-20T00:00:00


a. Remote code execution vulnerability.

VDP contains a remote code execution vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2018-11066 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.