CVE-2017-4914

Summary

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.

Affected Software

VendorProductVersion RangeStatus
VMwarevSphere Data Protection (VDP)6.1.xaffected
VMwarevSphere Data Protection (VDP)6.0.xaffected
VMwarevSphere Data Protection (VDP)5.8.xaffected
VMwarevSphere Data Protection (VDP)5.5.xaffected

Weaknesses

  • Remote Command Execution

ADP Enrichment

CVE Program Container

Additional References

References