2. Relevant Products

vSphere Data Protection (VDP)



3. Problem Description

a. VDP authentication bypass vulnerability.





VDP contains an authentication bypass vulnerability.

A remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-15548 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.