CVE-2017-4917

critical

Description

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.

References

http://www.vmware.com/security/advisories/VMSA-2017-0010.html

http://www.securitytracker.com/id/1038617

http://www.securityfocus.com/bid/98936

Details

Source: Mitre, NVD

Published: 2017-06-07

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical