Test ID:	1.3.6.1.4.1.25623.1.0.107217
Category:	General
Title:	VMware vSphere Data Protection Command Execution and Information Disclosure Vulnerabilities
Summary:	VMware vSphere Data Protection is prone; to an arbitrary command-execution and information disclosure vulnerabilities.
Description:	Summary: VMware vSphere Data Protection is prone to an arbitrary command-execution and information disclosure vulnerabilities. Vulnerability Insight: VMware vSphere Data Protection is prone to an arbitrary command-execution and information disclosure vulnerabilities. An attacker can exploit this issue to execute arbitrary command on the affected system. This may aid in further attacks. Vulnerability Impact: An attacker can exploit this issue to execute arbitrary command on the affected system. This may aid in further attacks. Attacker can also gain access to potentially sensitive information. Affected Software/OS: VMWare vSphere Data Protection 5.5.x before 6.0.5, 5.8.x before 6.0.5, 6.0.x before 6.0.5, 6.1.x before 6.1.4 Solution: Updates are available. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-4914 BugTraq ID: 98939 http://www.securityfocus.com/bid/98939 https://www.exploit-db.com/exploits/42152/ http://www.securitytracker.com/id/1038617 Common Vulnerability Exposure (CVE) ID: CVE-2017-4917 BugTraq ID: 98936 http://www.securityfocus.com/bid/98936
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.