VMware vSphere Data Protection 6.0.x < 6.0.9 / 6.1.x < 6.1.10 Multiple Vulnerabilities (VMSA-2018-0029)
Critical Nessus Plugin ID 119304
SynopsisA virtualization appliance installed on the remote host is affected by multiple vulnerabilities.
DescriptionThe version of VMware vSphere Data Protection installed on the remote host is 6.0.x < 6.0.9 and 6.1.x < 6.1.10. It is, therefore, affected by the following vulnerabilities:
- A remote command execution vulnerability. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands. (CVE-2018-11066)
- An open redirection vulnerability. An unauthenticated, remote attacker can exploit this to redirect application users to arbitrary, potentially malicious, web URLs. (CVE-2018-11067)
- A command injection vulnerability exists in the 'getlogs' troubleshooting utility. An authenticated attacker with admin privileges can exploit this, to execute arbitrary commands with root privileges. (CVE-2018-11076)
- An information disclosure vulnerability exists in Java management client package exposing the SSL/TLS private key.
An unauthenticated, remote attacker can exploit this to conduct a MITM attack. (CVE-2018-11077)
SolutionUpgrade to VMware vSphere Data Protection version 6.0.9 / 6.1.10 or later..