Improper authentication in vSphere Data Protection

#VU9825 Improper authentication in vSphere Data Protection

Published: 2018-01-02 | Updated: 2018-01-02

Vulnerability identifier: #VU9825

Vulnerability risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-15548

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
vSphere Data Protection
Client/Desktop applications / Other client software

Vendor: VMware, Inc

Description
The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to undisclosed error, which can be used to bypass authentication and gain unauthorized root access to the affected system.

Mitigation
Install the latest version 6.0.7 or 6.1.6.

Vulnerable software versions

vSphere Data Protection: 5.8 - 6.1.5

External links
http://www.vmware.com/security/advisories/VMSA-2018-0001.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in vSphere Data Protection (VDP)