Vulnerabilities > Vmware > Vsphere Data Protection > 5.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-07 | CVE-2017-4914 | Deserialization of Untrusted Data vulnerability in VMWare Vsphere Data Protection VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. | 7.5 |
2016-12-29 | CVE-2016-7456 | Credentials Management vulnerability in VMWare Vsphere Data Protection VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. | 10.0 |
2015-02-01 | CVE-2014-4632 | Cryptographic Issues vulnerability in VMWare Vsphere Data Protection VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoof servers, and bypass intended backup and restore access restrictions, via a crafted certificate. | 4.3 |