9.8
CVE-2017-4917
- EPSS 0.08%
- Veröffentlicht 07.06.2017 17:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle security@vmware.com
- Teams Watchlist Login
- Unerledigt Login
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ Vsphere Data Protection Version5.5.5
VMware ≫ Vsphere Data Protection Version5.5.6
VMware ≫ Vsphere Data Protection Version5.5.7
VMware ≫ Vsphere Data Protection Version5.5.8
VMware ≫ Vsphere Data Protection Version5.5.9
VMware ≫ Vsphere Data Protection Version5.5.10
VMware ≫ Vsphere Data Protection Version5.5.11
VMware ≫ Vsphere Data Protection Version5.8.0
VMware ≫ Vsphere Data Protection Version5.8.1
VMware ≫ Vsphere Data Protection Version5.8.2
VMware ≫ Vsphere Data Protection Version5.8.3
VMware ≫ Vsphere Data Protection Version5.8.4
VMware ≫ Vsphere Data Protection Version6.0.0
VMware ≫ Vsphere Data Protection Version6.0.1
VMware ≫ Vsphere Data Protection Version6.0.2
VMware ≫ Vsphere Data Protection Version6.0.3
VMware ≫ Vsphere Data Protection Version6.0.4
VMware ≫ Vsphere Data Protection Version6.1.0
VMware ≫ Vsphere Data Protection Version6.1.1
VMware ≫ Vsphere Data Protection Version6.1.2
VMware ≫ Vsphere Data Protection Version6.1.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.209 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.