漏洞类别:Web server
漏洞等级: 
漏洞信息
vSphere Data Protection (VDP) is a backup and recovery solution designed for vSphere environments. Powered by EMC Avamar, it provides agentless, image-level virtual-machine backups to disk.
VMware vSphere Data Protection (VDP) has an SSH private key with a publicly known password, which remote attackers could use to obtain login access via an SSH session.
Affected Versions:
vSphere Data Protection 6.1.x prior to version 6.1.4
vSphere Data Protection 6.0.x prior to version 6.0.5
vSphere Data Protection 5.8.x
vSphere Data Protection 5.5.x
漏洞危害
An unauthenticated, remote attacker could exploit this vulnerability to log into the system via an SSH session.
解决方案
Please refer to VMSA-2016-0024 for more information about patching this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论