[Security-announce] NEW VMSA-2018-0001 vSphere Data Protection (VDP) updates address multiple security issues.

VMware Security Announcements security-announce at lists.vmware.com
Tue Jan 2 09:46:19 PST 2018


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

                               VMware Security Advisory

Advisory ID: VMSA-2018-0001
Severity:    Critical
Synopsis:    vSphere Data Protection (VDP) updates address
             multiple security issues.
Issue date:  2018-01-02
Updated on:  2018-01-02 (Initial Advisory)
CVE number:  CVE-2017-15548, CVE-2017-15549, CVE-2017-15550

1. Summary

   vSphere Data Protection (VDP) updates address
   multiple security issues.

2. Relevant Products

   vSphere Data Protection (VDP)

3. Problem Description

   a. VDP authentication bypass vulnerability.

   VDP contains an authentication bypass vulnerability.
   A remote unauthenticated malicious user can potentially bypass
   application authentication and gain unauthorized root access
   to the affected systems.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2017-15548 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product    Running            Replace with/     Mitigation/
   Product     Version    on       Severity  Apply Patch       Workaround
   ==========  =========  =======  ========  ================  ==========
   VDP         6.1.x      VA       Critical  6.1.6             None
   VDP         6.0.x      VA       Critical  6.0.7             None
   VDP         5.x        VA       Critical  6.0.7             None


   b. VDP arbitrary file upload vulnerability.

   VDP contains a file upload vulnerability. A remote authenticated
   malicious user with low privileges could potentially upload arbitrary
   maliciously crafted files in any location on the server file system.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2017-15549 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product    Running            Replace with/     Mitigation/
   Product     Version    on       Severity  Apply Patch       Workaround
   ==========  =========  =======  ========  ================  ==========
   VDP         6.1.x      VA       Important 6.1.6             None
   VDP         6.0.x      VA       Important 6.0.7             None
   VDP         5.x      VA         Important 6.0.7             None


   b. VDP path traversal vulnerability.

   VDP contains a path traversal vulnerability. A remote authenticated
   malicious user with low privileges could access arbitrary files on
   the server file system in the context of the running vulnerable
   application.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the identifier CVE-2017-15550 to this issue.

   Column 5 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware      Product    Running            Replace with/     Mitigation/
   Product     Version    on       Severity  Apply Patch       Workaround
   ==========  =========  =======  ========  ================  ==========
   VDP         6.1.x      VA       Important 6.1.6             None
   VDP         6.0.x      VA       Important 6.0.7             None
   VDP         5.x        VA       Important 6.0.7             None


4. Solution

   Please review the patch/release notes for your product and version and
   verify the checksum of your downloaded file.

   vSphere Data Protection 6.1.6
   Downloads and Documentation:
   https://my.vmware.com/group/vmware/details?productId=491
   &downloadGroup=VDP616
   https://www.vmware.com/support/pubs/vdr_pubs.html

   vSphere Data Protection 6.0.7
   Downloads and Documentation:
   https://my.vmware.com/group/vmware/details?productId=491
   &downloadGroup=VDP60_7
   https://www.vmware.com/support/pubs/vdr_pubs.html


5. References

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15548
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15549
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15550

- -------------------------------------------------------------------------

6. Change log

   2018-01-02 VMSA-2018-0001
   Initial security advisory in conjunction with the release of VMware
   vSphere Data Protection 6.1.6 and 6.0.7 on 2018-01-02

- -------------------------------------------------------------------------
7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

   This Security Advisory is posted to the following lists:

     security-announce at lists.vmware.com
     bugtraq at securityfocus.com
     fulldisclosure at seclists.org

   E-mail: security at vmware.com
   PGP key at: https://kb.vmware.com/kb/1055

   VMware Security Advisories
   http://www.vmware.com/security/advisories

   VMware Security Response Policy
   https://www.vmware.com/support/policies/security_response.html

   VMware Lifecycle Support Phases
   https://www.vmware.com/support/policies/lifecycle.html

   VMware Security & Compliance Blog
   https://blogs.vmware.com/security

   Twitter
   https://twitter.com/VMwareSRC

   Copyright 2018 VMware Inc.  All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: Encryption Desktop 10.4.1 (Build 490)
Charset: utf-8

wj8DBQFaS7o+DEcm8Vbi9kMRAvUQAKCks102uXDsEOT0AcYwuv0VL9TgCACg0NVl
zLtZQmtSWIS/9wS1zZto3AQ=
=fHg4
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.vmware.com/pipermail/security-announce/attachments/20180102/1d98676a/attachment.html>


More information about the Security-announce mailing list