Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title vSphere Data Protection (VDP) updates address multiple security issues.
Informations
Name VMSA-2018-0029 First vendor Publication 2018-11-20
Vendor VMware Last vendor Modification 2018-11-20
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

a. Remote code execution vulnerability.

VDP contains a remote code execution vulnerability. A remote

unauthenticated attacker could potentially exploit this

vulnerability to execute arbitrary commands on the server.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has

assigned the identifier CVE-2018-11066 to this issue.

Column 5 of the following table lists the action required to

remediate the vulnerability in each release, if a solution is

available.

b. Open redirection vulnerability.

VDP contains an open redirection vulnerability. A remote unauthenticated

attacker could potentially exploit this vulnerability to redirect

application users to arbitrary web URLs by tricking the victim users to

click on maliciously crafted links. The vulnerability could be used to

conduct phishing attacks that cause users to unknowingly visit malicious

sites.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has

assigned the identifier CVE-2018-11067 to this issue.

Column 5 of the following table lists the action required to

remediate the vulnerability in each release, if a solution is

available.

c. Information exposure vulnerability.

VDP contains an information exposure vulnerability. VDP Java

management console's SSL/TLS private key may be leaked in the VDP

Java management client package. The private key could potentially be

used by an unauthenticated attacker on the same data-link layer to

initiate a MITM attack on management console users.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has

assigned the identifier CVE-2018-11076 to this issue.

Column 5 of the following table lists the action required to

remediate the vulnerability in each release, if a solution is

available.

d. Command injection vulnerability.

The 'getlogs' troubleshooting utility in VDP contains an OS command

injection vulnerability. A malicious admin user may potentially be able

to execute arbitrary commands under root privilege.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has

assigned the identifier CVE-2018-11077 to this issue.

Column 5 of the following table lists the action required to

remediate the vulnerability in each release, if a solution is

available.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2018-0029.html

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-601 URL Redirection to Untrusted Site ('Open Redirect') (CWE/SANS Top 25)
33 % CWE-200 Information Exposure
33 % CWE-78 Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 9
Application 3
Application 19

Nessus® Vulnerability Scanner

Date Description
2018-11-30 Name : A backup solution running on the remote host is affected by multiple vulnerab...
File : emc_avamar_dsa-2018-145.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2019-01-02 21:21:34
  • Multiple Updates
2019-01-01 00:24:07
  • Multiple Updates
2018-11-27 21:22:51
  • Multiple Updates
2018-11-20 21:18:13
  • First insertion