9.8

CVE-2017-4917

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMwareVsphere Data Protection Version5.5.5
VMwareVsphere Data Protection Version5.5.6
VMwareVsphere Data Protection Version5.5.7
VMwareVsphere Data Protection Version5.5.8
VMwareVsphere Data Protection Version5.5.9
VMwareVsphere Data Protection Version5.5.10
VMwareVsphere Data Protection Version5.5.11
VMwareVsphere Data Protection Version5.8.0
VMwareVsphere Data Protection Version5.8.1
VMwareVsphere Data Protection Version5.8.2
VMwareVsphere Data Protection Version5.8.3
VMwareVsphere Data Protection Version5.8.4
VMwareVsphere Data Protection Version6.0.0
VMwareVsphere Data Protection Version6.0.1
VMwareVsphere Data Protection Version6.0.2
VMwareVsphere Data Protection Version6.0.3
VMwareVsphere Data Protection Version6.0.4
VMwareVsphere Data Protection Version6.1.0
VMwareVsphere Data Protection Version6.1.1
VMwareVsphere Data Protection Version6.1.2
VMwareVsphere Data Protection Version6.1.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.08% 0.243
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

http://www.securityfocus.com/bid/98936
Third Party Advisory
VDB Entry