Lucene search
VMwareVMSA-2017-0010HistoryJun 06, 2017 - 12:00 a.m.
vSphere Data Protection (VDP) updates address multiple security issues.
2017-06-0600:00:00
www.vmware.com
508
0.054 Low
EPSS
Percentile
93.2%
a. VDP Java deserialization issue
VDP contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance.
VMware would like to thank Tim Roberts, Arthur Chilipweli, and Kelly Correll from NTT Security for reporting this issue to us.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4914 to this issue.
Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
Related
nessus
nessus
openvas
openvas
VMware vSphere Data Protection (VDP) Multiple Vulnerabilities
2017-08-30 00:00:00
cvelist
cvelist
CVE-2017-4917
2017-06-07 17:00:00
CVE-2017-4914
2017-06-07 17:00:00
cve
cve
CVE-2017-4917
2017-06-07 17:29:00
CVE-2017-4914
2017-06-07 17:29:00
prion
prion
Design/Logic Flaw
2017-06-07 17:29:00
Deserialization of untrusted data
2017-06-07 17:29:00
threatpost
threatpost
VMware Patches Critical Vulnerabilities in vSphere Data Protection
2017-06-08 12:12:59
seebug
seebug
VMware vSphere Data Protection 5.x/6.x - Java Deserialization(CVE-2017-4914)
2017-06-12 00:00:00
checkpoint_advisories
checkpoint_advisories
VMware vSphere Data Protection Remote Code Execution (CVE-2017-4914)
2017-06-12 00:00:00
nvd
nvd
CVE-2017-4917
2017-06-07 17:29:00
CVE-2017-4914
2017-06-07 17:29:00
zdt
zdt
VMware vSphere Data Protection 5.x/6.x - Java Deserialization Exploit
2017-06-11 00:00:00
packetstorm
packetstorm
VMware vSphere Data Protection 5.x / 6.x Java Deserialization
2017-06-12 00:00:00
vmware
vmware
vSphere Data Protection (VDP) updates address multiple security issues.
2018-01-02 00:00:00