9.8
CVE-2017-4917
- EPSS 0.08%
- Published 07.06.2017 17:29:00
- Last modified 20.04.2025 01:37:25
- Source security@vmware.com
- Teams watchlist Login
- Open Login
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
Data is provided by the National Vulnerability Database (NVD)
VMware ≫ Vsphere Data Protection Version5.5.5
VMware ≫ Vsphere Data Protection Version5.5.6
VMware ≫ Vsphere Data Protection Version5.5.7
VMware ≫ Vsphere Data Protection Version5.5.8
VMware ≫ Vsphere Data Protection Version5.5.9
VMware ≫ Vsphere Data Protection Version5.5.10
VMware ≫ Vsphere Data Protection Version5.5.11
VMware ≫ Vsphere Data Protection Version5.8.0
VMware ≫ Vsphere Data Protection Version5.8.1
VMware ≫ Vsphere Data Protection Version5.8.2
VMware ≫ Vsphere Data Protection Version5.8.3
VMware ≫ Vsphere Data Protection Version5.8.4
VMware ≫ Vsphere Data Protection Version6.0.0
VMware ≫ Vsphere Data Protection Version6.0.1
VMware ≫ Vsphere Data Protection Version6.0.2
VMware ≫ Vsphere Data Protection Version6.0.3
VMware ≫ Vsphere Data Protection Version6.0.4
VMware ≫ Vsphere Data Protection Version6.1.0
VMware ≫ Vsphere Data Protection Version6.1.1
VMware ≫ Vsphere Data Protection Version6.1.2
VMware ≫ Vsphere Data Protection Version6.1.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.209 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
The product uses a broken or risky cryptographic algorithm or protocol.