VMware vSphere Data Protection Authentication Bypass Vulnerability (CVE-2017-15548)
VMware vSphere Data Protection Authentication Bypass Vulnerability (CVE-2017-15548)
Release date:
Updated on:
Affected Systems:
VMWare vSphere Data Protection 6.1.x
VMWare vSphere Data Protection 6.0.x
VMWare vSphere Data Protection 5.x
Description:
Bugtraq id: 102352
CVE (CAN) ID: CVE-2017-15548
VMware vSphere Data Protection is a backup and recovery solution.
VMware vSphere Data Protection 5.x, 6.1.x, and 6.0.x versions have the Authentication Bypass Vulnerability. Attackers can exploit this vulnerability to bypass the authentication mechanism and obtain unauthorized access.
<* Source: vendor
*>
Suggestion:
Vendor patch:
VMWare
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.vmware.com
Https://www.vmware.com/us/security/advisories/VMSA-2018-0001.html