CVE-2017-4917

Summary

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.

Affected Software

VendorProductVersion RangeStatus
VMwarevSphere Data Protection (VDP)6.1.xaffected
VMwarevSphere Data Protection (VDP)6.0.xaffected
VMwarevSphere Data Protection (VDP)5.8.xaffected
VMwarevSphere Data Protection (VDP)5.5.xaffected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References