Man-in-the-Middle Vulnerability in VMware vSphere Data Protection and EMC Avamar
CVE-2014-4632

Currently unrated

Key Information:

Vendor

Vmware
Status
Vsphere Data Protection
Vendor
CVE Published:
1 February 2015

What is CVE-2014-4632?

VMware vSphere Data Protection and EMC Avamar products suffer from an improper verification process for X.509 certificates in SSL connections with vCenter Server. This flaw enables attackers to execute man-in-the-middle attacks, potentially allowing unauthorized access to backup and restore functionalities by presenting a malicious certificate. Organizations utilizing affected versions are urged to implement the recommended updates or mitigations to secure their data against these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vmware.com/security/advisories/VMSA-2015-0002....
x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/2015-01/01...
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/100866
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.