On November 20th 2018 VMware released the following new security advisory:
VMSA-2018-0029 vSphere Data Protection (VDP) updates address multiple security issues.
This documents several critical, important and moderate severity issues affecting VDP. VDP is based on Dell EMC Avamar Virtual Edition.
Issue (a) is a critical severity remote code execution vulnerability ( CVE-2018-11066 ). A remote unauthenticated attacker could potentially exploit this vulnerability to execute arbitrary commands on the server.
Issue (b) is an important severity open redirection vulnerability ( CVE-2018-11067 ). A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. The vulnerability could be used to conduct phishing attacks that cause users to unknowingly visit malicious sites.
Issue (c) is an important severity information exposure vulnerability ( CVE-2018-11076 ). VDP Java management console’s SSL/TLS private key may be leaked in the VDP Java management client package. The private key could potentially be used by an unauthenticated attacker on the same data-link layer to initiate a MITM attack on management console users.
Issue (d) is a moderate severity command injection vulnerability ( CVE-2018-11077 ). The ‘getlogs’ troubleshooting utility in VDP contains an OS command injection vulnerability. A malicious admin user may potentially be able to execute arbitrary commands under root privilege.
These issues have been addressed in VDP 6.1.10, 6.1.9 and 6.0.9.
Please sign up to the Security-Announce mailing list to receive new and updated VMware Security Advisories.