SynopsisA virtualization appliance installed on the remote host is affected by an authentication bypass vulnerability.
DescriptionThe version of VMware vSphere Data Protection installed on the remote host is 5.5.x / 5.8.x / 6.0.x / 6.1.x. It is, therefore, affected by an authentication bypass vulnerability due to the use of an SSH private key that has a known password and which is configured to allow key-based authentication. A remote attacker can exploit this to gain root login access via an SSH session.
SolutionApply the appropriate patch according to the vendor advisory.