Vulnerabilities > Vmware > Vsphere Data Protection > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-11-26 CVE-2018-11066 Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability.
network
low complexity
dell vmware
critical
 9.8
9.8
2017-06-07 CVE-2017-4914 Deserialization of Untrusted Data vulnerability in VMWare Vsphere Data Protection
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue.
network
low complexity
vmware CWE-502
critical
 9.8
9.8
2017-06-07 CVE-2017-4917 Use of a Broken or Risky Cryptographic Algorithm vulnerability in VMWare Vsphere Data Protection
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption.
network
low complexity
vmware CWE-327
critical
 9.8
9.8
2016-12-29 CVE-2016-7456 Credentials Management vulnerability in VMWare Vsphere Data Protection
VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session.
network
low complexity
vmware CWE-255
critical
 9.8
9.8